quotes.ecoverage.com Open in urlscan Pro
2606:4700:10::6816:897 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM#qs=r-aghbhadcdkhjhkiaffjekciakjfbkcgafcgieabababaiiadfhaceacjkdadhkgacekifbacb
Effective URL:
https://quotes.ecoverage.com/rates/
Submission: On September 12 via api (September 12th 2022, 3:38:16 am UTC) from BE — Scanned from DE

Summary HTTP 75 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 24 domains to perform 75 HTTP transactions. The main IP is 2606:4700:10::6816:897, located in United States and belongs to CLOUDFLARENET, US. The main domain is quotes.ecoverage.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2022. Valid for: a year.

This is the only time quotes.ecoverage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.217.72.68 52.217.72.68	16509 (AMAZON-02) (AMAZON-02)
1 1	96.43.141.123 96.43.141.123	19969 (JOESDATAC...) (JOESDATACENTER)
2	23.250.1.134 23.250.1.134	55286 (SERVER-MANIA) (SERVER-MANIA)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.215.112 143.204.215.112	16509 (AMAZON-02) (AMAZON-02)
2	35.176.109.196 35.176.109.196	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1e97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.209.191.2 54.209.191.2	14618 (AMAZON-AES) (AMAZON-AES)
1 21	2606:4700:10:... 2606:4700:10::6816:897	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.237.73.63 34.237.73.63	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 6	2600:9000:206... 2600:9000:206f:b800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.58.82 65.9.58.82	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.30.79.138 52.30.79.138	16509 (AMAZON-02) (AMAZON-02)
5	54.167.136.56 54.167.136.56	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.23.67 13.32.23.67	16509 (AMAZON-02) (AMAZON-02)
1	54.85.58.125 54.85.58.125	14618 (AMAZON-AES) (AMAZON-AES)
5	3.231.126.33 3.231.126.33	14618 (AMAZON-AES) (AMAZON-AES)
75	28

1 52.217.72.68 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ekcijufwcnqnaxtb.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.43.141.123 (United States) 1 redirects

ASN19969 (JOESDATACENTER, US)
PTR: fullgat-nip.romeosite.com

emk2skefkef.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.250.1.134 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

bayareaace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-112.fra53.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.109.196 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-109-196.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.209.191.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-191-2.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:10::6816:897 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

quotes.ecoverage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.73.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-73-63.compute-1.amazonaws.com

insurance.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:b800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-82.fra56.r.cloudfront.net

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.79.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-79-138.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.167.136.56 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-136-56.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-67.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.58.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-58-125.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.231.126.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-126-33.compute-1.amazonaws.com

collect.analyze.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ecoverage.com 1 redirects quotes.ecoverage.com	524 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 3596 d.adroll.com — Cisco Umbrella Rank: 2535	21 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 6565	98 KB
5	analyze.ly collect.analyze.ly — Cisco Umbrella Rank: 49276	800 B
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 21650	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	20 KB
4	traversedlp.com static.traversedlp.com — Cisco Umbrella Rank: 37069 api.traversedlp.com — Cisco Umbrella Rank: 9287	5 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	185 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3469	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 19	655 B
2	cloudfront.net d22xmn10vbouk4.cloudfront.net d2m2wsoho8qq12.cloudfront.net	23 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6777	6 KB
2	anura.io script.anura.io — Cisco Umbrella Rank: 58649	19 KB
2	bayareaace.com bayareaace.com	7 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 22960	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 35843	39 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3281	24 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	2 KB
1	mediaalpha.com insurance.mediaalpha.com — Cisco Umbrella Rank: 140099	5 KB
1	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 4641	260 B
1	duckdns.org 1 redirects emk2skefkef.duckdns.org	352 B
1	amazonaws.com ekcijufwcnqnaxtb.s3.amazonaws.com	467 B
75	24

	Domain	Requested by
21	quotes.ecoverage.com	1 redirects bayareaace.com quotes.ecoverage.com ekcijufwcnqnaxtb.s3.amazonaws.com
6	s.adroll.com	2 redirects www.googletagmanager.com quotes.ecoverage.com s.adroll.com
6	dev.visualwebsiteoptimizer.com	quotes.ecoverage.com dev.visualwebsiteoptimizer.com
5	collect.analyze.ly	d22xmn10vbouk4.cloudfront.net
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com quotes.ecoverage.com
3	api.traversedlp.com	static.traversedlp.com
3	www.googletagmanager.com	bayareaace.com quotes.ecoverage.com www.googletagmanager.com
2	www.google.de	quotes.ecoverage.com
2	www.google.com	quotes.ecoverage.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	munchkin.marketo.net	ekcijufwcnqnaxtb.s3.amazonaws.com munchkin.marketo.net
2	script.anura.io	ekcijufwcnqnaxtb.s3.amazonaws.com script.anura.io
2	bayareaace.com	ekcijufwcnqnaxtb.s3.amazonaws.com bayareaace.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	d.adroll.com	s.adroll.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	region1.google-analytics.com	www.googletagmanager.com
1	d22xmn10vbouk4.cloudfront.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	create.lidstatic.com	quotes.ecoverage.com
1	stackpath.bootstrapcdn.com	quotes.ecoverage.com
1	cdnjs.cloudflare.com	quotes.ecoverage.com
1	insurance.mediaalpha.com	quotes.ecoverage.com
1	signals.aimtell.com	bayareaace.com
1	static.traversedlp.com	www.googletagmanager.com
1	emk2skefkef.duckdns.org	1 redirects
1	ekcijufwcnqnaxtb.s3.amazonaws.com
75	29

This site contains links to these domains. Also see Links.

Domain
www.fidelitylife.com
ecoverage.com
www.ecoverage.com
www.fourwestcircle.com

Subject Issuer	Validity	Valid
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.traversedlp.com Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
script.anura.io Amazon	`2022-07-12` - `2023-08-10`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-18` - `2023-07-18`	a year	crt.sh
mediaalpha.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
*.analyze.ly Amazon	`2022-02-15` - `2023-03-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://quotes.ecoverage.com/rates/
Frame ID: 2C44BCA11F5DE3F045B2320E4330E6F9
Requests: 68 HTTP requests in this frame

Frame: https://quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662940800
Frame ID: DECF7AC24EBDA0DBE1D6A25C23EE3690
Requests: 3 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4B4CB419-375C-96BA-CE0F-739F225E8892&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064
Frame ID: A6F9112FE16E6B11BF92BC6AFB6543B8
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=4B4CB419-375C-96BA-CE0F-739F225E8892&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064
Frame ID: 9EDC4114B703F2A5ADF0F40D2E6860D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Life Insurance Quotes | eCoverage

Page URL History Show full URLs

https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM Page URL
http://emk2skefkef.duckdns.org/qs=r-aghbhadcdkhjhkiaffjekciakjfbkcgafcgieabababaiiadfhaceacjkdadhkgacekifbacb HTTP 302
http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697... Page URL
https://quotes.ecoverage.com/rates HTTP 301
https://quotes.ecoverage.com/rates/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

75
Requests

95 %
HTTPS

45 %
IPv6

24
Domains

29
Subdomains

28
IPs

5
Countries

1004 kB
Transfer

3079 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.fidelitylife.com/

Search URL Search Domain Scan URL

URL: https://ecoverage.com/

Search URL Search Domain Scan URL

URL: https://www.ecoverage.com/carrier-list/
Title: full list of carriers

Search URL Search Domain Scan URL

URL: https://ecoverage.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ecoverage.com/advertising-disclosures/
Title: Advertising Disclosures

Search URL Search Domain Scan URL

URL: https://www.fourwestcircle.com/o-cnnf-l14-8e010e861da50b9644c9fe3aae050cd7
Title: Opt-Out

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM Page URL
http://emk2skefkef.duckdns.org/qs=r-aghbhadcdkhjhkiaffjekciakjfbkcgafcgieabababaiiadfhaceacjkdadhkgacekifbacb HTTP 302
http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77 Page URL
https://quotes.ecoverage.com/rates HTTP 301
https://quotes.ecoverage.com/rates/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://emk2skefkef.duckdns.org/qs=r-aghbhadcdkhjhkiaffjekciakjfbkcgafcgieabababaiiadfhaceacjkdadhkgacekifbacb HTTP 302
http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77

Request Chain 51

https://s.adroll.com/j/exp/EDVQ5CMC3VH3LHR52CJ7D3/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 52

https://s.adroll.com/j/pre/EDVQ5CMC3VH3LHR52CJ7D3/4JLSEE7LHRBZPG5LZKXJAJ/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ekcijufwcnqnaxtb.HTM
ekcijufwcnqnaxtb.s3.amazonaws.com/ 111 B
467 B 358ms
123ms Document
text/html 52.217.72.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.72.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 111
Content-Type: text/html
Date: Mon, 12 Sep 2022 03:38:10 GMT
ETag: "d96584c727629d00a06621d72e798c52"
Last-Modified: Fri, 26 Aug 2022 14:06:55 GMT
Server: AmazonS3
x-amz-id-2: Ho+XfH99omW+OUTHZ9gYoxEvntKJ4WuBeCuxVusRs5ap4CualRVvdXz2HsdQ9N3x6I6XI5TCQjw=
x-amz-request-id: GPMQBCM72PZZZQWT

GET
H/1.1

200
OK

/ Show response
bayareaace.com/a670efc7bcfd6c28827fb04936c825132/
Redirect Chain

http://emk2skefkef.duckdns.org/qs=r-aghbhadcdkhjhkiaffjekciakjfbkcgafcgieabababaiiadfhaceacjkdadhkgacekifbacb
http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77

6 KB
6 KB

584ms
433ms

Document
text/html

23.250.1.134
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77
Requested by: Host: ekcijufwcnqnaxtb.s3.amazonaws.com
URL: https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM
Protocol: HTTP/1.1
Server: 23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: c248fd81eaa47ee359bc8eda696acf053c774384f2b478679d7176fb989d3f27

Request headers

Referer: https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM#qs=r-aghbhadcdkhjhkiaffjekciakjfbkcgafcgieabababaiiadfhaceacjkdadhkgacekifbacb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 03:49:07 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.33

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Mon, 12 Sep 2022 03:38:10 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16
location: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 82ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N

Requested by

Host: bayareaace.com
URL: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed36129a8d560d0a6b269c77b38c895d49fac80ad7e912d7342a2e6c44faeb5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bayareaace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38714
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 03:38:11 GMT

POST
H/1.1 200
OK fp.php Show response
bayareaace.com/ 0
194 B 309ms
309ms XHR
text/html 23.250.1.134
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://bayareaace.com/fp.php
Requested by: Host: bayareaace.com
URL: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77
Protocol: HTTP/1.1
Server: 23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 12 Sep 2022 03:49:07 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 91ms
22ms Script
application/javascript 143.204.215.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-112.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bayareaace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: KLbodh6xIMdiUWAxenjc1ByBclqfTj74
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 20:20:14 GMT
Server: AmazonS3
Age: 3495
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 12 Sep 2022 02:43:24 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 3bTom3ceFnb6CVuRVbl2hg4gjsik8cylBJIiUOc3P9sLodcy6U-PSw==

GET
H2 200 request.js Show response
script.anura.io/ 50 KB
18 KB 150ms
64ms Script
application/javascript 35.176.109.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=56309078&source=203930&campaign=28272&exid=4cff91aae962804bb66351a5128b35e8&644428255962

Requested by

Host: ekcijufwcnqnaxtb.s3.amazonaws.com
URL: https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.109.196 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-109-196.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

14875b03a068bac588318db8022800c33416d1f4c5f3edb7cd453d3a47490929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bayareaace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 matches
signals.aimtell.com/ 43 B
260 B 84ms
32ms Image
image/gif 2606:4700::6812:1e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Requested by: Host: bayareaace.com
URL: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bayareaace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 74959bdf5c035c26-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
407 B 334ms
107ms XHR
application/json 54.209.191.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.191.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-191-2.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bayareaace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://bayareaace.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

POST
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
325 B 107ms
107ms XHR
text/plain 54.209.191.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.191.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-191-2.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Referer: http://bayareaace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://bayareaace.com
date: Mon, 12 Sep 2022 03:38:12 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 316ms
106ms Preflight
text/html 54.209.191.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.191.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-191-2.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://bayareaace.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: http://bayareaace.com
access-control-expose-headers
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
content-length: 228
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 03:38:12 GMT
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
server: nginx/1.20.0
vary: Accept-Encoding

GET
H2

200

Primary Request / Show response
quotes.ecoverage.com/rates/
Redirect Chain

https://quotes.ecoverage.com/rates
https://quotes.ecoverage.com/rates/

39 KB
10 KB

172ms
172ms

Document
text/html

2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/rates/
Requested by: Host: bayareaace.com
URL: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 18f0165e70d134c3cc6aaa53dbc52d2996043bc647b07376dc883af73b21006d

Request headers

Referer: http://bayareaace.com/a670efc7bcfd6c28827fb04936c825132/?sid1=41573_9840915_13&sid2=5606_212968697_0_0_0_4483917_77_2695_139740_9840915_10_1892&sid3=77
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74959be4a9f4995d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 03:38:12 GMT
link: <https://quotes.ecoverage.com/wp-json/>; rel="https://api.w.org/" <https://quotes.ecoverage.com/?p=69>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74959be2b86b995d-FRA
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 03:38:12 GMT
location: https://quotes.ecoverage.com/rates/
server: cloudflare
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine
x-redirect-by: WordPress

POST
H2 200 response.json
script.anura.io/ 43 B
397 B 147ms
75ms XHR
application/json 35.176.109.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=203930&campaign=28272&exid=4cff91aae962804bb66351a5128b35e8&644428255962

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.109.196 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-109-196.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://bayareaace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 serve.js Show response
insurance.mediaalpha.com/js/ 11 KB
5 KB 328ms
108ms Script
application/javascript 34.237.73.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.mediaalpha.com/js/serve.js
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.73.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-73-63.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 058d96606598013aa61824ebe27ae19aa928c7578815eb8bf1cd74ae035bf5f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: gzip
server: Apache
content-length: 5115
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 sumoselect.min.css
cdnjs.cloudflare.com/ajax/libs/jquery.sumoselect/3.0.2/ 7 KB
2 KB 69ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.sumoselect/3.0.2/sumoselect.min.css

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d31bc925a88effb32e2052100f258d2b20f7e3b2955a6772b965ad31da8df139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1667400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1742
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULHFv9rz1TTL3SHHPODe9QPr1arG01qdCx1fUACJVC5YIrAwD4a5UAgX7PIuogCsg4zP%2FW1v48o40b74WDmVmoSFB%2BAVX0uxxMTUuzpdnOzMUPqwVsll3UYzXlF0aUeZYQOnEN%2BFEnkH9XRQ3D4uRhVe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74959be60c38bb53-FRA
expires: Sat, 02 Sep 2023 03:38:12 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 84ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://quotes.ecoverage.com/
Origin: https://quotes.ecoverage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 4222189
cdn-cachedat: 06/09/2022 12:07:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 99f9c6308253cf4af5704ffe939c740b
cf-ray: 74959be619c669a3-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
quotes.ecoverage.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 27ms
25ms Stylesheet
text/css 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: cloudflare
age: 596231
etag: W/"612efc26-13abe"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5caf6995d-FRA

GET
H2 200 style.css
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/ 8 KB
3 KB 28ms
26ms Stylesheet
text/css 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/style.css?ver=5.8.1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae26963724867750fcad6203b822f2c29d3e63f78d3a2dc3c8a424dcfbcb8a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 15:15:29 GMT
server: cloudflare
age: 596231
etag: W/"6183f911-4abc"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-polished: origSize=19132
cf-ray: 74959be5caf8995d-FRA
cf-bgj: minify

GET
H2 200 style.min.css
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ 9 KB
3 KB 28ms
27ms Stylesheet
text/css 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/style.min.css?ver=1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8a3ca19c9353c7dbcbe48570bf6ba061fb1029f7907b7ba04799cad8ab0e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 15:15:35 GMT
server: cloudflare
age: 212121
etag: W/"6183f917-253b"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5caf9995d-FRA

GET
H2 200 lpb.min.css
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ 79 KB
11 KB 316ms
314ms Stylesheet
text/css 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/lpb.min.css?ver=1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a0473bb4a2825de9eb510367d00146ffdf0c4e36d1ed89276cfa3ee55b9735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Nov 2021 15:15:34 GMT
server: cloudflare
etag: W/"6183f916-13b43"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5cafa995d-FRA

GET
H2 200 jquery.min.js Show response
quotes.ecoverage.com/wp-includes/js/jquery/ 87 KB
31 KB 31ms
29ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
age: 596231
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5cafb995d-FRA

GET
H2 200 jquery-migrate.min.js Show response
quotes.ecoverage.com/wp-includes/js/jquery/ 11 KB
4 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
age: 596231
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5cafc995d-FRA

GET
H2 200 vendor.min.js Show response
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ 902 KB
151 KB 35ms
34ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/vendor.min.js?ver=1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e4ffec34ab498b71da24a22f4f40790b0c20bf910a516b1f13f7e97bd679c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 15:15:35 GMT
server: cloudflare
age: 134037
etag: W/"6183f917-e194e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5cafd995d-FRA

GET
H2 200 scripts-lpb.min.js Show response
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ 42 KB
8 KB 321ms
320ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/scripts-lpb.min.js?ver=1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5339ea699ecf9fa771725312977fee870205b1234ad380b05d9cefd139781323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Nov 2021 15:15:35 GMT
server: cloudflare
etag: W/"6183f917-a82c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be5cafe995d-FRA

GET
H2 200 group-7@2x.png
quotes.ecoverage.com/wp-content/uploads/2020/06/ 2 KB
3 KB 27ms
25ms Image
image/webp 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.ecoverage.com/wp-content/uploads/2020/06/group-7@2x.png
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8baebafe9a35f65c93f02def3c31287cb3379679744ce18f4bc2e257c14c556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
cf-cache-status: HIT
age: 596232
cf-polished: origFmt=png, origSize=6698
content-disposition: inline; filename="group-7@2x.webp"
content-length: 2532
last-modified: Thu, 08 Oct 2020 19:32:28 GMT
server: cloudflare
etag: "5f7f694c-1a2a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74959be84cd6995d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Logo.png
quotes.ecoverage.com/wp-content/uploads/2020/06/ 3 KB
3 KB 28ms
26ms Image
image/webp 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.ecoverage.com/wp-content/uploads/2020/06/Logo.png
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476c9a5b18acb7c5b596789bb3eded31d9567d95ef811c9447b53b9f41ad5786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
cf-cache-status: HIT
age: 134038
cf-polished: origFmt=png, origSize=7340
content-disposition: inline; filename="Logo.webp"
content-length: 3166
last-modified: Thu, 08 Oct 2020 19:32:28 GMT
server: cloudflare
etag: "5f7f694c-1cac"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74959be84cd7995d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
quotes.ecoverage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
834 B 20ms
19ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://quotes.ecoverage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 17:30:56 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"631783d0-4d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 74959be7cc60995d-FRA
expires: Wed, 14 Sep 2022 03:38:13 GMT

GET
H2 200 wp-embed.min.js Show response
quotes.ecoverage.com/wp-includes/js/ 1 KB
809 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 596232
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be7dc66995d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 234 KB
75 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLX7M9

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efe6fb81c9c6bfaf0d20e03fcdfe446a9ab5cf9f08210e6f61d76e5bcb082675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76350
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 03:38:13 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
9 KB 84ms
32ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=497348&u=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&f=1&r=0.23241905244357652
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 31bf608723d62fe421fe1d4b21596823af2b8dfc45dde025cb7bd6ea4397fef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:12 GMT
via: 1.1 google
server: gfra1
etag: W/"1662710247"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache,max-age=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wp-emoji-release.min.js Show response
quotes.ecoverage.com/wp-includes/js/ 18 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: cloudflare
age: 134035
etag: W/"60bfebf0-4705"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be84cd8995d-FRA

GET
H2 200 getty-images-860036016@2x-scaled.jpg
quotes.ecoverage.com/wp-content/uploads/2020/07/ 243 KB
244 KB 709ms
708ms Image
image/jpeg 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.ecoverage.com/wp-content/uploads/2020/07/getty-images-860036016@2x-scaled.jpg
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808c08e28f32a22139fc42b07aad2848cd3885513cc6d65b0387b826b035fcd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Oct 2020 19:32:28 GMT
server: cloudflare
etag: "5f7f694c-3cdce"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74959be84cd9995d-FRA
content-length: 249294

GET
H2 200 fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 490ms
440ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js?snippet_version=2
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3b12ac1541de1163927c9fcda7e13e161a913c9f0bcc99e5fba10d7a2fd47c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 01:21:45 GMT
server: cloudflare
x-amz-request-id: X6YCRH9T3SD71KJG
etag: W/"0199fc371e67ca5c8d7c94ba0901dfa6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 74959be919d65c1a-FRA
x-amz-version-id: 4jA9Wyf03YpnT9..zP0RVdyn9Z4JpcyG
x-amz-id-2: QsuE96gIiu9d/LO2CHilOVGKwV/AH4UBmCpn7o/g6fGQSBo4zmwQi6Bm22rQFbwZtRoRJwrA7Rs=

GET
H2 200 png-item-1777666@2x.jpg
quotes.ecoverage.com/wp-content/uploads/2020/06/ 12 KB
12 KB 24ms
24ms Image
image/webp 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.ecoverage.com/wp-content/uploads/2020/06/png-item-1777666@2x.jpg
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 076ed2d9b4f0d8598d10b76882cfd10b9db67498a948782e7dcc0474e3128625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/rates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
cf-cache-status: HIT
age: 134037
cf-polished: origFmt=jpeg, origSize=16824
content-disposition: inline; filename="png-item-1777666@2x.webp"
content-length: 11946
last-modified: Thu, 08 Oct 2020 19:32:28 GMT
server: cloudflare
etag: "5f7f694c-41b8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74959be8ed5c995d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 invisible.js Show response
quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame DECF 40 KB
14 KB 22ms
22ms Script
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662940800
Requested by: Host: ekcijufwcnqnaxtb.s3.amazonaws.com
URL: https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac7fdc98b999af52bfb8be14c83c48e8b5ddc59c1c091e11cc98765f90979e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74959be8ed5f995d-FRA

GET
H2 200 icon-arrow-dark-blue.svg
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/src/images/ 245 B
298 B 24ms
23ms Image
image/svg+xml 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/src/images/icon-arrow-dark-blue.svg
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/lpb.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d483a8d0103837ff159d82bd001f4aab55b4f563f88a447e26d52a9690df1bd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/lpb.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 15:15:39 GMT
server: cloudflare
age: 596231
etag: W/"6183f91b-f5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74959be90d6a995d-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLX7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1335
date: Mon, 12 Sep 2022 03:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 05:15:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 96ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLX7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 03:38:13 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 53 KB
17 KB 82ms
23ms Script
text/javascript 2600:9000:206f:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLX7M9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

X-Amz-Version-Id: Vddx38ZQKv1IbZ14KTosCACMGBmCuRF1
Content-Encoding: gzip
Etag: W/"ce41fb88f59dfd9edbd6253effb535a4"
Age: 1009
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Last-Modified: Wed, 07 Sep 2022 21:24:31 GMT
Server: AmazonS3
Date: Mon, 12 Sep 2022 03:21:25 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 6pybeM_9cmwaKi9AVdwX4pNlFVAYrsUnrL7EFTarAh4FHWvgdQwmLA==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 75ms
19ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: ekcijufwcnqnaxtb.s3.amazonaws.com
URL: https://ekcijufwcnqnaxtb.s3.amazonaws.com/ekcijufwcnqnaxtb.HTM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:38:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 728

GET
H2 200 c0648764b65b11eab3db0abec2e02be9.js Show response
d22xmn10vbouk4.cloudfront.net/ 79 KB
21 KB 80ms
26ms Script
text/javascript 65.9.58.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/c0648764b65b11eab3db0abec2e02be9.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLX7M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-82.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac8e296f1c246fc1bf84f1411e266f0a0a46ba4b45295fed75efc466a0cbb884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 00:57:00 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:04:39 GMT
server: AmazonS3
age: 9674
etag: W/"a20c0b56bf5f88cf68df6e3036063ca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: public, max-age=601
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Z2j_okpVy4R8TKxKEbsG4jlWr2cQy7nOMlyu4L1G_IgcFdwZohPv0Q==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
72 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D0M3W1QDWH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLX7M9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f8733f38cc28a1f3abd63cd18d5ee9d8e146d09f29971950574bc4ab625c0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74172
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:38:13 GMT

GET
H3 200 tag-d5990fd383d5b9d0a7403bee21c7bc21.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 171 KB
48 KB 43ms
21ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d5990fd383d5b9d0a7403bee21c7bc21.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=497348&u=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&f=1&r=0.23241905244357652
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: c25fe05079bd4be6161723a27a6c4b8eb299c15f2bec78b4d76072f893efc958

Request headers

Referer: https://quotes.ecoverage.com/
Origin: https://quotes.ecoverage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
last-modified: Fri, 09 Sep 2022 07:57:11 GMT
server: gfra1
etag: "631af1d7-bfd7"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49111
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 130ms
108ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=497348&d=quotes.ecoverage.com&u=D9CA92BC54A09049F226E9E728F4CF66E&h=8988f3b6b4f464309c759540858c8026&t=false&r=0.4024565870552004

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 pica.js
quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame DECF 22 KB
8 KB 23ms
22ms Other
application/javascript 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f81e790f7fd058604fa9c7c26cfb439aede9c7fbd1bbf82507b024b7027687a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74959be95d95995d-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 210ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43809065-1&cid=980320791.1662953893&jid=1909146846&gjid=1702777446&_gid=892784854.1662953893&_u=YGBAgEABAAAAAE~&z=499908115

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 03:38:13 GMT
content-type: text/plain
access-control-allow-origin: https://quotes.ecoverage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 64ms
25ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=657191761&t=pageview&_s=1&dl=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&dr=http%3A%2F%2Fbayareaace.com%2F&ul=en-us&de=UTF-8&dt=Life%20Insurance%20Quotes%20%7C%20eCoverage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=1765945472&gjid=1627984504&cid=980320791.1662953893&tid=UA-43809065-7&_gid=892784854.1662953893&_r=1&gtm=2wg970NLX7M9&cg1=Landing%20Page%20-%20Lead%20Form%20Submission%20Flow&cg2=Customer%20Personal%20Details&cg3=Landing%20Page%20-%20Get%20Your%20Quote&cd1=Landing%20Page%20-%20Lead%20Form%20Submission%20Flow&cd2=Customer%20Personal%20Details&cd3=Landing%20Page%20-%20Get%20Your%20Quote&cd6=NA&cd12=Universal%20Analytics%20-%20pageView&cd13=2022-09-12T03%3A38%3A13.302%2B00%3A00&z=200626866

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quotes.ecoverage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
18ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=657191761&t=pageview&_s=1&dl=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&dr=http%3A%2F%2Fbayareaace.com%2F&ul=en-us&de=UTF-8&dt=Life%20Insurance%20Quotes%20%7C%20eCoverage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1909146846&gjid=1702777446&cid=980320791.1662953893&tid=UA-43809065-1&_gid=892784854.1662953893&gtm=2wg970NLX7M9&cd6=NA&cd12=Universal%20Analytics&cd13=2022-09-12T03%3A38%3A13.288%2B00%3A00&z=1475083999

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 20:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24351
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 150ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D0M3W1QDWH&gtm=2oe970&_p=657191761&cid=980320791.1662953893&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662953893&sct=1&seg=0&dl=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&dr=http%3A%2F%2Fbayareaace.com%2F&dt=Life%20Insurance%20Quotes%20%7C%20eCoverage&en=pageview&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D0M3W1QDWH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quotes.ecoverage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag-eb8d1b35b7a39e4dfe650dea932f88a9.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 106 KB
27 KB 23ms
23ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-eb8d1b35b7a39e4dfe650dea932f88a9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d5990fd383d5b9d0a7403bee21c7bc21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d6b5fb646d6aef8f62ead7fef8f042eadf29e317dabd2b8b9d464c112ea51266

Request headers

Referer: https://quotes.ecoverage.com/
Origin: https://quotes.ecoverage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
last-modified: Fri, 09 Sep 2022 07:57:11 GMT
server: gfra1
etag: "631af1d7-6b9d"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27549
via: 1.1 google

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 20ms
20ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:38:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4677
Expires: Wed, 21 Dec 2022 03:38:13 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
857 B 24ms
22ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=497348&settings_type=1&vn=7.0&exc=1|2|8|12
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d5990fd383d5b9d0a7403bee21c7bc21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6f50ba884ce0c3304799011c42c805f57fd46ec8576d7e3f7e3f349db05efcc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
via: 1.1 google
server: gfra1
etag: W/"1662710247"
content-type: application/javascript; charset=UTF-8
cache-control: no-cache,max-age=0
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984879444/ 2 KB
2 KB 114ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984879444/?random=1662953893493&cv=9&fst=1662953893493&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&ref=http%3A%2F%2Fbayareaace.com%2F&tiba=Life%20Insurance%20Quotes%20%7C%20eCoverage&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98293c02eac77d9ae0937375fc1202e1bab33774985cdb4ac4f699e312bc6ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/EDVQ5CMC3VH3LHR52CJ7D3/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

20ms
19ms

Script
application/javascript

2600:9000:206f:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: HTTP/1.1
Server: 2600:9000:206f:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

X-Amz-Version-Id: VS8aSrwndm.MeiNnyJ10ruHH56v74CIF
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 77717
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Fri, 02 Sep 2022 17:25:28 GMT
Server: AmazonS3
Date: Sun, 11 Sep 2022 06:02:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ku1TDnk5XfE6RKm35iXaxB8sL-IbRCxysk4KTWjhpp2dCQExSzGOEA==

Redirect headers

Date: Sun, 11 Sep 2022 09:57:57 GMT
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Age: 63615
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bmxTiLRbkvwwFST52EHMRG9muBAopKgeO9d3RSXhY_RBXOPcrEB7Vw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/EDVQ5CMC3VH3LHR52CJ7D3/4JLSEE7LHRBZPG5LZKXJAJ/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

21ms
21ms

Script
application/javascript

2600:9000:206f:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/
Protocol: HTTP/1.1
Server: 2600:9000:206f:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2945
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Mon, 12 Sep 2022 02:49:10 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: eJnVsh9ubfdvDWmaFN6gJhSYViaKWOJEfpR89ja4J_9XiIKXDbQADw==

Redirect headers

Date: Mon, 12 Sep 2022 02:02:52 GMT
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Age: 5720
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: D_v0ygZ6fkUHfGQP2dJSS0IoLacRY1lh7eyPixzil4AwXoMi60xmww==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/EDVQ5CMC3VH3LHR52CJ7D3/4JLSEE7LHRBZPG5LZKXJAJ/ 0
805 B 665ms
628ms Script
text/javascript 2600:9000:206f:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/EDVQ5CMC3VH3LHR52CJ7D3/4JLSEE7LHRBZPG5LZKXJAJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

X-Amz-Version-Id: SGUO_1Zt2ASl9.Ol6FrTRydL5QwAV33u
Via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Thu, 08 Sep 2022 09:24:15 GMT
Server: AmazonS3
Date: Mon, 12 Sep 2022 03:38:15 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UcK1FAUw1fZcseLQnzewVOXKDtpcDQJIQs1TvCxP5lT2xXK2iGyOiQ==

POST
H2 200 74959be4a9f4995d Show response
quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame DECF 2 B
312 B 53ms
52ms XHR
text/plain 2606:4700:10::6816:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/cv/result/74959be4a9f4995d
Requested by: Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662940800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
server: cloudflare
cf-ray: 74959bebff3d995d-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 78ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43809065-1&cid=980320791.1662953893&jid=1909146846&_u=YGBAgEABAAAAAE~&z=873105817

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 76ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43809065-1&cid=980320791.1662953893&jid=1909146846&_u=YGBAgEABAAAAAE~&z=873105817

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EDVQ5CMC3VH3LHR52CJ7D3 Show response
d.adroll.com/consent/check/ 460 B
553 B 243ms
47ms Script
application/javascript 52.30.79.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/EDVQ5CMC3VH3LHR52CJ7D3?arrfrr=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&_s=f7b6ebb3f47c736d128327541b5476ab&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.79.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-79-138.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: fc6836356e4b5c5fbd16b04003635b854701a89051c5c60c1d47ad86491f73cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
server: nginx/1.20.0
content-length: 460
content-type: application/javascript

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 77ms
26ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43809065-7&cid=980320791.1662953893&jid=1765945472&gjid=1627984504&_gid=892784854.1662953893&_u=YGDAAEABAAAAAG~&z=1536377767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 03:38:13 GMT
content-type: text/plain
access-control-allow-origin: https://quotes.ecoverage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/984879444/ 42 B
154 B 70ms
33ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984879444/?random=1662953893493&cv=9&fst=1662951600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&ref=http%3A%2F%2Fbayareaace.com%2F&tiba=Life%20Insurance%20Quotes%20%7C%20eCoverage&async=1&fmt=3&is_vtc=1&random=4014744928&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/984879444/ 42 B
154 B 67ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984879444/?random=1662953893493&cv=9&fst=1662951600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fquotes.ecoverage.com%2Frates%2F&ref=http%3A%2F%2Fbayareaace.com%2F&tiba=Life%20Insurance%20Quotes%20%7C%20eCoverage&async=1&fmt=3&is_vtc=1&random=4014744928&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: quotes.ecoverage.com
URL: https://quotes.ecoverage.com/rates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
658 B 386ms
162ms XHR
text/plain 54.167.136.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=2b16a830-89d9-481d-8ac0-fe48ae356f82&_=911835577

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.136.56 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-136-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

028b0e2072613ae1ab6bb20d69ec4e9295cf701f1859fd13acea8be0431ba47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Sep 2022 03:38:14 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 21ms
21ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d5990fd383d5b9d0a7403bee21c7bc21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quotes.ecoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:13 GMT
content-encoding: br
last-modified: Fri, 09 Sep 2022 07:57:06 GMT
server: gfra1
etag: "631af1d2-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame A6F9 3 KB
2 KB 73ms
19ms Document
text/html 13.32.23.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4B4CB419-375C-96BA-CE0F-739F225E8892&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-67.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://quotes.ecoverage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 3421
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 12 Sep 2022 02:43:05 GMT
ETag: W/"6298d697-dbb"
Last-Modified: Thu, 02 Jun 2022 15:26:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: yN3e_6Xh2EY9DeK0hKP2hIvmiP42ipyoDL0sRgFiyIk6wsDONQayGA==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 107ms
107ms XHR
text/plain 54.167.136.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=2b16a830-89d9-481d-8ac0-fe48ae356f82&token=4B4CB419-375C-96BA-CE0F-739F225E8892&_=911835578

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.136.56 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-136-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Sep 2022 03:38:14 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 209ms
209ms XHR
text/plain 54.167.136.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=2b16a830-89d9-481d-8ac0-fe48ae356f82&token=4B4CB419-375C-96BA-CE0F-739F225E8892&_=911835579

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.136.56 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-136-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Sep 2022 03:38:14 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 9EDC 4 KB
2 KB 341ms
104ms Document
text/html 54.85.58.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=4B4CB419-375C-96BA-CE0F-739F225E8892&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4B4CB419-375C-96BA-CE0F-739F225E8892&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.58.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-58-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 12 Sep 2022 03:38:14 GMT
etag: W/"62a74f42-1049"
expires: Tue, 13 Sep 2022 03:38:14 GMT
last-modified: Mon, 13 Jun 2022 14:52:50 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H/1.1 204
No Content / Show response
collect.analyze.ly/ 0
160 B 472ms
106ms XHR
text/plain 3.231.126.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.analyze.ly/
Requested by: Host: d22xmn10vbouk4.cloudfront.net
URL: https://d22xmn10vbouk4.cloudfront.net/c0648764b65b11eab3db0abec2e02be9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.126.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-126-33.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data; boundary=----1832fc6b274

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 03:38:14 GMT
Cache-Control: private
Server: Apache
Connection: keep-alive

POST
H/1.1 204
No Content / Show response
collect.analyze.ly/ 0
160 B 472ms
107ms XHR
text/plain 3.231.126.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.analyze.ly/
Requested by: Host: d22xmn10vbouk4.cloudfront.net
URL: https://d22xmn10vbouk4.cloudfront.net/c0648764b65b11eab3db0abec2e02be9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.126.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-126-33.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data; boundary=----1832fc6b275

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 03:38:14 GMT
Cache-Control: private
Server: Apache
Connection: keep-alive

POST
H/1.1 204
No Content / Show response
collect.analyze.ly/ 0
160 B 474ms
109ms XHR
text/plain 3.231.126.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.analyze.ly/
Requested by: Host: d22xmn10vbouk4.cloudfront.net
URL: https://d22xmn10vbouk4.cloudfront.net/c0648764b65b11eab3db0abec2e02be9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.126.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-126-33.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data; boundary=----1832fc6b276

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 03:38:14 GMT
Cache-Control: private
Server: Apache
Connection: keep-alive

POST
H/1.1 204
No Content / Show response
collect.analyze.ly/ 0
160 B 473ms
108ms XHR
text/plain 3.231.126.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.analyze.ly/
Requested by: Host: d22xmn10vbouk4.cloudfront.net
URL: https://d22xmn10vbouk4.cloudfront.net/c0648764b65b11eab3db0abec2e02be9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.126.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-126-33.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data; boundary=----1832fc6b276

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 03:38:14 GMT
Cache-Control: private
Server: Apache
Connection: keep-alive

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 417ms
314ms XHR
text/plain 54.167.136.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=2b16a830-89d9-481d-8ac0-fe48ae356f82&token=4B4CB419-375C-96BA-CE0F-739F225E8892&_=911835580

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.136.56 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-136-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Sep 2022 03:38:14 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 9EDC 0
626 B 314ms
106ms Script
text/javascript 54.167.136.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=43E84C4A-8A70-11E1-B18C-22000A1C5064&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&methods=48&token=4B4CB419-375C-96BA-CE0F-739F225E8892&uuid=451fec759f3b46ddaf655299949e0e09

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=4B4CB419-375C-96BA-CE0F-739F225E8892&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.136.56 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-136-56.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:38:14 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content / Show response
collect.analyze.ly/ 0
160 B 108ms
108ms XHR
text/plain 3.231.126.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.analyze.ly/
Requested by: Host: d22xmn10vbouk4.cloudfront.net
URL: https://d22xmn10vbouk4.cloudfront.net/c0648764b65b11eab3db0abec2e02be9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.126.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-126-33.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.ecoverage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data; boundary=----1832fc6b659

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 03:38:15 GMT
Cache-Control: private
Server: Apache
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bayareaace.com/	1970-01-20 06:39:05	Name: clkcheck28272 Value: 4cff91aae962804bb66351a5128b35e8_203930
.quotes.ecoverage.com/	1970-01-20 14:42:56	Name: _vwo_uuid_v2 Value: D9CA92BC54A09049F226E9E728F4CF66E\|8988f3b6b4f464309c759540858c8026
.ecoverage.com/	1970-01-20 05:57:20	Name: _gid Value: GA1.2.892784854.1662953893
.ecoverage.com/	1970-01-20 05:55:53	Name: _dc_gtm_UA-43809065-1 Value: 1
.ecoverage.com/	1970-01-20 05:55:53	Name: _gat_UA-43809065-7 Value: 1
.ecoverage.com/	1970-01-20 15:31:53	Name: _ga_D0M3W1QDWH Value: GS1.1.1662953893.1.0.1662953893.0.0.0
.ecoverage.com/	1970-01-20 15:31:53	Name: _ga Value: GA1.1.980320791.1662953893
.ecoverage.com/	1970-01-20 08:19:53	Name: _vis_opt_s Value: 1%7C
.ecoverage.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.ecoverage.com/	1970-01-20 15:31:53	Name: _vwo_uuid Value: D9CA92BC54A09049F226E9E728F4CF66E
.ecoverage.com/	1970-01-20 05:55:55	Name: _vwo_sn Value: 0%3A1
.doubleclick.net/	1970-01-20 05:55:54	Name: test_cookie Value: CheckForPermission
.ecoverage.com/	1970-01-20 07:22:17	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241662953892%3A13.39919092%3A%3A%3A12_0%2C8_0%2C2_0%2C1_0%3A0
.ecoverage.com/	1970-01-20 05:55:55	Name: __cf_bm Value: zXwdXhR9VCpZTeKvoMGz3HC.LVpFtEeBWPjl_yFcmU0-1662953893-0-AW6bmGc/lhs9fevBSgzLTuGgC5ICIxMkE6stMpY348c+KMLUiEBqop2ryWCigoCuCCIR/hxbDGQOluBg3/w3PuZrDw5wW08caL7Hxtfo+G5uBo8vpm2eE7tsUdSuIEd4PA==
quotes.ecoverage.com/	1969-12-31 23:59:59	Name: leadid_token-43E84C4A-8A70-11E1-B18C-22000A1C5064-FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8 Value: 4B4CB419-375C-96BA-CE0F-739F225E8892
.deviceid.trueleadid.com/	1970-01-20 15:31:53	Name: uuid Value: 451fec759f3b46ddaf655299949e0e09

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
bayareaace.com
cdnjs.cloudflare.com
collect.analyze.ly
create.leadid.com
create.lidstatic.com
d.adroll.com
d22xmn10vbouk4.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
dev.visualwebsiteoptimizer.com
deviceid.trueleadid.com
ekcijufwcnqnaxtb.s3.amazonaws.com
emk2skefkef.duckdns.org
googleads.g.doubleclick.net
insurance.mediaalpha.com
munchkin.marketo.net
quotes.ecoverage.com
region1.google-analytics.com
s.adroll.com
script.anura.io
signals.aimtell.com
stackpath.bootstrapcdn.com
static.traversedlp.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.32.23.67
143.204.215.112
172.217.18.2
2001:4860:4802:34::36
23.205.237.4
23.250.1.134
2600:9000:206f:b800:6:9280:1080:93a1
2606:4700:10::6816:897
2606:4700:10::ac43:29e5
2606:4700::6811:180e
2606:4700::6812:1e97
2606:4700::6812:bcf
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9c
3.231.126.33
34.237.73.63
34.96.102.137
35.176.109.196
52.217.72.68
52.30.79.138
54.167.136.56
54.209.191.2
54.85.58.125
65.9.58.82
96.43.141.123
028b0e2072613ae1ab6bb20d69ec4e9295cf701f1859fd13acea8be0431ba47a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
058d96606598013aa61824ebe27ae19aa928c7578815eb8bf1cd74ae035bf5f7
076ed2d9b4f0d8598d10b76882cfd10b9db67498a948782e7dcc0474e3128625
14875b03a068bac588318db8022800c33416d1f4c5f3edb7cd453d3a47490929
18f0165e70d134c3cc6aaa53dbc52d2996043bc647b07376dc883af73b21006d
1f8733f38cc28a1f3abd63cd18d5ee9d8e146d09f29971950574bc4ab625c0d3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e4ffec34ab498b71da24a22f4f40790b0c20bf910a516b1f13f7e97bd679c95
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
31bf608723d62fe421fe1d4b21596823af2b8dfc45dde025cb7bd6ea4397fef0
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
476c9a5b18acb7c5b596789bb3eded31d9567d95ef811c9447b53b9f41ad5786
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5339ea699ecf9fa771725312977fee870205b1234ad380b05d9cefd139781323
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f50ba884ce0c3304799011c42c805f57fd46ec8576d7e3f7e3f349db05efcc4
808c08e28f32a22139fc42b07aad2848cd3885513cc6d65b0387b826b035fcd2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88a0473bb4a2825de9eb510367d00146ffdf0c4e36d1ed89276cfa3ee55b9735
8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
98293c02eac77d9ae0937375fc1202e1bab33774985cdb4ac4f699e312bc6ab2
9ae26963724867750fcad6203b822f2c29d3e63f78d3a2dc3c8a424dcfbcb8a8
9f81e790f7fd058604fa9c7c26cfb439aede9c7fbd1bbf82507b024b7027687a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8e296f1c246fc1bf84f1411e266f0a0a46ba4b45295fed75efc466a0cbb884
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c248fd81eaa47ee359bc8eda696acf053c774384f2b478679d7176fb989d3f27
c25fe05079bd4be6161723a27a6c4b8eb299c15f2bec78b4d76072f893efc958
c8baebafe9a35f65c93f02def3c31287cb3379679744ce18f4bc2e257c14c556
cac7fdc98b999af52bfb8be14c83c48e8b5ddc59c1c091e11cc98765f90979e3
cb3b12ac1541de1163927c9fcda7e13e161a913c9f0bcc99e5fba10d7a2fd47c
d31bc925a88effb32e2052100f258d2b20f7e3b2955a6772b965ad31da8df139
d483a8d0103837ff159d82bd001f4aab55b4f563f88a447e26d52a9690df1bd5
d6b5fb646d6aef8f62ead7fef8f042eadf29e317dabd2b8b9d464c112ea51266
da8a3ca19c9353c7dbcbe48570bf6ba061fb1029f7907b7ba04799cad8ab0e6e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ed36129a8d560d0a6b269c77b38c895d49fac80ad7e912d7342a2e6c44faeb5f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe6fb81c9c6bfaf0d20e03fcdfe446a9ab5cf9f08210e6f61d76e5bcb082675
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
fc6836356e4b5c5fbd16b04003635b854701a89051c5c60c1d47ad86491f73cd

quotes.ecoverage.com Open in urlscan Pro 2606:4700:10::6816:897 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

95 %HTTPS

45 %IPv6

24 Domains

29 Subdomains

28 IPs

5 Countries

1004 kBTransfer

3079 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quotes.ecoverage.com Open in urlscan Pro
2606:4700:10::6816:897 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

95 %
HTTPS

45 %
IPv6

24
Domains

29
Subdomains

28
IPs

5
Countries

1004 kB
Transfer

3079 kB
Size

16
Cookies

75 HTTP transactions
0 data transactions