mx.www.safe-driver-discount-12295.bond Open in urlscan Pro
104.247.81.94  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mx.www.safe-driver-discount-12295.bond/	17 KB 7 KB	856ms 198ms	Document text/html	104.247.81.94 TEAMINTERNET-CA-A...
General Check archive.org Show headers Download Go to Full URL https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.247.81.94 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE), Reverse DNS Software Caddy Caddy / Resource Hash 393ee3bfff871016be4663ce0b01eb7c7049fe3cde59c5e26f56f3fb4d8f5f77 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ch viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile accept-ch-lifetime 30 alt-svc h3=":8443"; ma=2592000 content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 28 May 2025 06:24:41 GMT server Caddy Caddy vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_RrkKR6ZM3zkBmkjyaxs5N7Seg3yafXRLFlxTolKK0T16rwxXVYGNaj/f38q6ewAjXgc3xEp+WGqMLfGH/9dl8Q== x-buckets bucket102,bucket077 x-domain safe-driver-discount-12295.bond x-language english x-pcrew-blocked-reason hosting network x-pcrew-ip-organization i3D.net x-subdomain mx.www x-template tpl_CleanPeppermintBlack_twoclick
GET H2	200	c4601e5f6cdd73216cafdd5af209201c.js Show response euob.astarsbuilding.com/sxp/i/	110 KB 41 KB	426ms 146ms	Script text/javascript	2600:9000:26a0:9000:18:8b36:9d00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://euob.astarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26a0:9000:18:8b36:9d00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Caddy / Resource Hash 9ab293c6575480097e094eb0a3a7b1d7a72e5a3ba0ffb266ba416b1b4de9d401 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers cache-control max-age=43200 content-encoding gzip etag "1b62f-+UvXoRDOMtwrUa8nNgC6HkzUwp4" age 19511 via 1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront) expires Wed, 28 May 2025 12:59:30 GMT x-cache Hit from cloudfront content-length 41178 x-amz-cf-id VRy4CDHNguY7wN5ofxAWSOpzPkYV3KvtQ7T3_YYwZXhR-dX0HGVq7g== date Wed, 28 May 2025 00:59:35 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding server Caddy x-amz-cf-pop YUL62-P2
GET H2	200	browserjs Show response mx.www.safe-driver-discount-12295.bond/munin/a/tr/	0 55 B	136ms 136ms	XHR text/html	104.247.81.94 TEAMINTERNET-CA-A...
General Check archive.org Show headers Download Go to Full URL https://mx.www.safe-driver-discount-12295.bond/munin/a/tr/browserjs?domain=safe-driver-discount-12295.bond&toggle=browserjs&uid=MTc0ODQxMzQ4MS4wODkxOjZmZTg5Mzg5ZjMyNzhiYjdiZDhhZGRiZDdmMjQzZjdhNTVhMWFhNTJkMDcwODhlMWYzODUzMjVkZWRmZTg2MTk6NjgzNmFjMjkxNWJmYQ%3D%3D Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.247.81.94 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE), Reverse DNS Software Caddy, Caddy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers viewport-width 1600 ect 4g Referer https://mx.www.safe-driver-discount-12295.bond/ device-memory 8 dpr 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 rtt 150 downlink 6.25 Response headers accept-ch viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime 30 x-custom-track browserjs access-control-allow-origin * alt-svc h3=":8443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:41 GMT content-type text/html; charset=UTF-8 server Caddy, Caddy
GET H2	200	arrows.png d1t9jheyiyj1h6.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/	11 KB 11 KB	430ms 143ms	Image image/png	2600:9000:269f:2e00:1d:2a46:e80:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1t9jheyiyj1h6.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269f:2e00:1d:2a46:e80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers etag "czzekhpxmtxd8rz" age 84215 via 1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 11375 x-amz-cf-id qIaG6YjiXAY1QUZNfkTlIDI-YHqWXnoeDR9Rdb_tElyYwubrkxLNDA== date Tue, 27 May 2025 07:01:06 GMT content-type image/png last-modified Thu, 21 Mar 2024 11:48:11 GMT server nginx x-amz-cf-pop YUL62-P1 vary Accept-Encoding
GET H2	201	ls Show response mx.www.safe-driver-discount-12295.bond/munin/a/	0 350 B	563ms 562ms	XHR text/javascript	104.247.81.94 TEAMINTERNET-CA-A...
General Check archive.org Show headers Download Go to Full URL https://mx.www.safe-driver-discount-12295.bond/munin/a/ls?t=6836ac29&token=8e7f8924dfbf3e92123eedfff22920b5d1c9d465 Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.247.81.94 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE), Reverse DNS Software Caddy, Caddy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers viewport-width 1600 ect 4g Referer https://mx.www.safe-driver-discount-12295.bond/ device-memory 8 dpr 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 rtt 150 downlink 6.25 Response headers access-control-max-age 86400 accept-ch viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile access-control-allow-methods POST, OPTIONS x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ICRyGM2WcCdYewlyzXOeBtbqsseXD/PtNzXv7dinl+t/eI7j4sW85pY9WPK4S+jpQFU8NAtcT2PWyS5e0MtnXw== accept-ch-lifetime 30 status 201 Created x-log-success 6836ac29b6528b33be002866 access-control-allow-origin alt-svc h3=":8443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:41 GMT charset utf-8 content-type text/javascript;charset=UTF-8 server Caddy, Caddy
GET H2	200	caf.js Show response www.google.com/adsense/domains/	140 KB 51 KB	397ms 134ms	Script text/javascript	2607:f8b0:4004:c08::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::69 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 79d5f5059e8e8b7117326e96679439c1fc378566352a292047a3dcda02348924 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers content-encoding gzip etag "3644712799647408209" report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} x-content-type-options nosniff expires Wed, 28 May 2025 06:24:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 28 May 2025 06:24:41 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding link <https://syndicatedsearch.goog>; rel="preconnect" cache-control private, max-age=3600 cross-origin-opener-policy same-origin; report-to="ads-afs-ui" cross-origin-resource-policy cross-origin accept-ranges bytes x-xss-protection 0 server sffe
GET H2	200	ct Show response obseu.astarsbuilding.com/	4 KB 2 KB	642ms 220ms	Script text/javascript	2a05:d018:56f:b802:834:8d0e:be2f:5ebe AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://obseu.astarsbuilding.com/ct?id=77721&url=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F&sf=0&tpi=&ch=AdsDeli%20-%20referral%20-%20landingpage&uvid=8e7f8924dfbf3e92123eedfff22920b5d1c9d465&tsf=0&tsfmi=&tsfu=&cb=1748413481929&hl=2&op=0&ag=3750837127&rand=8311111519871220295188789006512973175131109812137220216958616405708801201064220502855187&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk5NDldLFsiYWJuY2giLDM3XSxbLTcsIi0iXSxbLTIzLCIrIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zNCwiLSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy02NiwiZ2VvbG9jYXRpb24sY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjcm9zc29yaWdpbmlzb2xhdGVkLHNjcmVlbndha2Vsb2NrLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsY2h1YWFyY2gsY29tcHV0ZXByZXNzdXJlLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksZGVmZXJyZWRmZXRjaCx1c2IsY2hzYXZlZGF0YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxzaGFyZWRzdG9yYWdlLGRlZmVycmVkZmV0Y2htaW5pbWFsLHJ1bmFkYXVjdGlvbixjaGRvd25saW5rLGNodWFmb3JtZmFjdG9ycyxvdHBjcmVkZW50aWFscyxwYXltZW50LGNodWEsY2h1YW1vZGVsLGNoZWN0LGF1dG9wbGF5LGNhbWVyYSxwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGFjY2VsZXJvbWV0ZXIsY2h1YXBsYXRmb3JtdmVyc2lvbixpZGxlZGV0ZWN0aW9uLHByaXZhdGVhZ2dyZWdhdGlvbixpbnRlcmVzdGNvaG9ydCxjaHZpZXdwb3J0aGVpZ2h0LGNhcHR1cmVkc3VyZmFjZWNvbnRyb2wsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy03MiwiRXhVPSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTMxLCJmYWxzZSJdLFstMzgsImksLTEsLTEsMSwwLDEsMCw0MSw2MTcsMjAxLC0xLDAsMTA0OCwxMDQ4LDE0NjYsMTQ2NiJdLFstNjEsIntcIndnc2xcIjpcIjQ7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO3JlYWRvbmx5X2FuZF9yZWFkd3JpdGVfc3RvcmFnZV90ZXh0dXJlcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjIsIjgwIl0sWy0yNSwiLSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0xOSwiWzExNzAsMTU3MCwxMTcwLDE1NzAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwLDBdIl0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstNjMsIjEiXSxbLTY4LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRSWEJrUlVVMU5TVW9ERmhaY1RGWmJGMWhLVFZoTFNsdE1VRlZkVUZkZUYxcFdWQlpLUVVrV1VCWmFEUThKQ0Z3TVh3OWFYVjBPQ2dzSUQxcFlYMTFkREZoZkN3a0FDd2tJV2hkVFNnTUlBd3dCQ0FFTUVCVllUUmxMR1JGUlRVMUpTZ01XRmx4TVZsc1hXRXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZsb05Ed2tJWEF4ZkQxcGRYUTRLQ3dnUFdsaGZYVjBNV0Y4TENRPT0iXSxbLTY5LCJMaW51eCB4ODZfNjR8R29vZ2xlIEluYy58OHwxNnx8MCJdLFstNSwiLSJdLFstMTQsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstNDAsIjMzIl0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy0yLCIxMCxlQVhHWDEvYjFmZWU5TjJaWmtOeDFDU0NBRkVrQjZGeFFVRUZDcFNoY0VSVkNhU2xHYUlDZ2dnb0FvQW9Jb0VFQkFtb0owUktRRWhJU1FIdEt6eWJZcHIzenQvN3R2NXUxT2xnIl0sWy04LCItIl0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE3LCIxNiJdLFstNTIsIi0iXSxbLTUzLCIwMDEiXSxbLTYwLDIwN10sWy0xLCItIl0sWy00LCItIl0sWy0yMCwiLSJdLFstMjcsIlsxNTAsNi4yNSwwLFwiNGdcIixudWxsXSJdLFstNDIsIjg4MzM5OTAxNiJdLFstNDYsIjAiXSxbLTU5LCJkZWZhdWx0Il0sWy0yOSwiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlLGZhbHNlXSJdLFstNDEsIi0iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMTAxMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ3LCJQYWNpZmljL0hvbm9sdWx1LGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNTUsIjAiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjgsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTYsIi0iXSxbLTE1LCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0zNSwiWzE3NDg0MTM0ODE5MjEsMTBdIl0sWy01MSwiLSJdLFstNTgsIi0iXSxbLTY1LCItIl0sWy02NywiLSJdLFstNzAsIi0iXSxbLTcxLCJhMDExMDAxMDEwMDEwMDEwMTAwMDEwMTAwMTExMTEwMTAwMDAxMCJdLFsiYm5jaCIsMTYxXSxbLTksIisiXSxbLTE2LCIwIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI0LCJbXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTQsIntcImhcIjpbXCIzMjk5NzI4NDUyXCIsXCI4MjI4MjMxMTlcIixcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIyNjQ2MDM4ODJcIl0sXCJzXCI6MX0iXSxbImRkYiIsIjAsMTAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMiwxLDIsMzcsMCwxMiwxLDEsMCwwLDEsMCwwLDAsMCwxLDAsMCwxMiwxLDAsMCwwLDAsMCwwLDAsMCwyLDEsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCw5LDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsNywwLDEsMCwwLDAsMCwwLDMsMCwwLDAsMCwxIl1d&dep=0&pre=0&sdd=&cri=cO2XFWOUIU&pto=1581&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1748413481.1OqD2Vd0NkEwMdSe&suid=1.1748413481.qknnL2tbSgWPVgXT&tuid=1.1748413481.YjKpLFhbGfLLaec3&fbc=-&gtm=-&it=8%2C865%2C543&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D Requested by Host: euob.astarsbuilding.com URL: https://euob.astarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 40ef45e9b2b297a246b65c01c4889bc729625b00c52d2705732255042b788e25 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin https://mx.www.safe-driver-discount-12295.bond content-encoding gzip pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT content-length 1254 date Wed, 28 May 2025 06:24:42 GMT content-type text/javascript
GET H3	200	cookie.js Show response partner.googleadservices.com/gampad/	416 B 273 B	306ms 178ms	Script text/javascript	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=mx.www.safe-driver-discount-12295.bond&client=dp-teaminternet02&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2 Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software cafe / Resource Hash 485135ea42bae51bdde5a89026f3038fee0b7702ca0dcfda671c52bfae9f2773 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers timing-allow-origin * content-encoding gzip cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 252 date Wed, 28 May 2025 06:24:42 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	ads Show response syndicatedsearch.goog/afs/ Frame F269	16 KB 4 KB	477ms 223ms	Document text/html	2607:f8b0:4004:c1d::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=bucket007%2C000003%2C%2Cbucket102%2Cbucket077&client=dp-teaminternet02&r=m&hl=en&rpbu=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.mmNYMOo9n-b591wTx-jdsA94HvyLeoOSk2S37MkewOS9FqzcOHaJQw.zFkfX27nUdbP-OD2p_Bp6g.CODKqFx5axze6A-ohJlAx1AAL3WJ3BrXqKiaHDvwdU5XK5tHXN6m2kgh3zoWBht45p6I-0s2bLci9u2PfDkggk_brtshYdSGeMPCQdRl6TQfXetsHP98k-b7yjRES-3n3Kh0rQFz3r3wQD27oss4Z_Osqs2wQqY7cmuRbzi9TAqyFtrh03RqyzVUmy-_ZyCKHN2RNKcQVipdkrsmkrjd8kZgD8vAy_RXz6Fe4IQACvjQrwijjbDvEG0Ev5W9okI8wuaadWEFpjRjwekiR5U8UkHVmGwxtGkatjU6gz_r1VlTaEmfUoQQzi_nYqna4PO5CgjBFiUwmgpfvV8nW7mn6b7YywvJMZm292KmR56GmoRqdctUxP3FEnY95EfcuRLyRAR7CSfL-Ri3qBSbhMobUSEPc3KnR_oO80ljTxVsobnYqpAIq2fMBAg0_90pz_8GTNy-vG32LwBS8nDY0vpJXXHF7Ftwow9O1h7LAfn8GHt7CxuJYBIg3KQMKtcLPuX7Jm-pYrXrPkS9IycubfpUAZErbzDs63NLDEEK8gYFmhUmm9k3tnbkUErC5TRIbOv-dTKxdfjZ7we9IEf-GheDvWLetRaMpJSMvJkXv5EUA_d3dLgqWEaB4MgxFjt8L1kn.L0iV0qU97zujZU1N0UeWMw&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-oo-1841436567816528&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107&format=r3%7Cs&nocache=6931748413482036&num=0&output=afd_ads&domain_name=mx.www.safe-driver-discount-12295.bond&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1748413482037&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash 55402093d06059b190f876204f9a99aa4e9f0bb804011f7a16de4836e4c09c28 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-KGXCnotX6kCZqaROopR9tA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Xss-Protection 0 Request headers Referer https://mx.www.safe-driver-discount-12295.bond/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ch Downlink RTT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-disposition inline content-encoding br content-length 3372 content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-KGXCnotX6kCZqaROopR9tA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other content-type text/html; charset=UTF-8 cross-origin-opener-policy same-origin-allow-popups; report-to="gws" date Wed, 28 May 2025 06:24:42 GMT expires Wed, 28 May 2025 06:24:42 GMT report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} server gws x-xss-protection 0
GET H2	200	caf.js Show response syndicatedsearch.goog/adsense/domains/ Frame F269	140 KB 51 KB	125ms 121ms	Script text/javascript	2607:f8b0:4004:c1d::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://syndicatedsearch.goog/adsense/domains/caf.js?pac=0 Requested by Host: syndicatedsearch.goog URL: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=bucket007%2C000003%2C%2Cbucket102%2Cbucket077&client=dp-teaminternet02&r=m&hl=en&rpbu=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.mmNYMOo9n-b591wTx-jdsA94HvyLeoOSk2S37MkewOS9FqzcOHaJQw.zFkfX27nUdbP-OD2p_Bp6g.CODKqFx5axze6A-ohJlAx1AAL3WJ3BrXqKiaHDvwdU5XK5tHXN6m2kgh3zoWBht45p6I-0s2bLci9u2PfDkggk_brtshYdSGeMPCQdRl6TQfXetsHP98k-b7yjRES-3n3Kh0rQFz3r3wQD27oss4Z_Osqs2wQqY7cmuRbzi9TAqyFtrh03RqyzVUmy-_ZyCKHN2RNKcQVipdkrsmkrjd8kZgD8vAy_RXz6Fe4IQACvjQrwijjbDvEG0Ev5W9okI8wuaadWEFpjRjwekiR5U8UkHVmGwxtGkatjU6gz_r1VlTaEmfUoQQzi_nYqna4PO5CgjBFiUwmgpfvV8nW7mn6b7YywvJMZm292KmR56GmoRqdctUxP3FEnY95EfcuRLyRAR7CSfL-Ri3qBSbhMobUSEPc3KnR_oO80ljTxVsobnYqpAIq2fMBAg0_90pz_8GTNy-vG32LwBS8nDY0vpJXXHF7Ftwow9O1h7LAfn8GHt7CxuJYBIg3KQMKtcLPuX7Jm-pYrXrPkS9IycubfpUAZErbzDs63NLDEEK8gYFmhUmm9k3tnbkUErC5TRIbOv-dTKxdfjZ7we9IEf-GheDvWLetRaMpJSMvJkXv5EUA_d3dLgqWEaB4MgxFjt8L1kn.L0iV0qU97zujZU1N0UeWMw&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-oo-1841436567816528&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107&format=r3%7Cs&nocache=6931748413482036&num=0&output=afd_ads&domain_name=mx.www.safe-driver-discount-12295.bond&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1748413482037&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 724e1b80fcb55ea88e43b1a39e24310402c2c24dae14749a685d46abedb130a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://syndicatedsearch.goog/ Response headers content-encoding gzip etag "10822707429080762871" report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} x-content-type-options nosniff expires Wed, 28 May 2025 06:24:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 28 May 2025 06:24:42 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding link <https://syndicatedsearch.goog>; rel="preconnect" cache-control private, max-age=3600 cross-origin-opener-policy same-origin; report-to="ads-afs-ui" cross-origin-resource-policy cross-origin accept-ranges bytes x-xss-protection 0 server sffe
GET H2	200	tc_imp.gif obseu.astarsbuilding.com/tracker/	43 B 79 B	209ms 209ms	Image image/gif	2a05:d018:56f:b802:834:8d0e:be2f:5ebe AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://obseu.astarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126ee6c334e943829f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59168a6f2617071a10acf9f29f671bd08688562a6b1efd2a7204823ed666c0563301759450025634575690ed6e1977be26bb25cb43e2916af05665ff0b2d7e1bda55ed43f497d7df3cbb2807ff7ecaa8556d8e0e3143714493d60264f260b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf6288ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dde56c9f345d83fec12f1f11f1343bfe984164efdef375de0ffb40e18c49c346d9d36d9a6d279c9a20d96698cefab6cdb3f11338ae6bf2fbb9234e2be19b7dd7f305ad06175782400ec78997cfd1b3833bd92bdd89b99e37bd2c2b6fd3342b99989703679ea875ac41bfc003d667a87e5346588c6eee5c8789ee7ef8df78f02da7c19cdb27d60a0a2dea5d540b2d073ed7ab67b355c4cb9764fdde25b3d02dd0c2b1be5e89a1c1586875caa61c54dcb30e4a12f7e2a07bb466cbb408b6be79f22df764874fc64a86ee65904b63bdf1cc74352d3e1136190b46d9bdd5398c46ce115c493be5a653cdce4a7fa2e18ae4f81596ffeeee9beab3e309132ef12c85b5507280416307d6635d716cea7aaf7619c1f7c0638a60d1398aab2ccdbf11987b0f22201e7d139cc3e5c73d7b559e1e5996cfc4b8b8c94f189db7ba618bcc7472c4cf133f6be58cdf5620da3b970bda43b72d9100dad612ffbe3ae69a8bd690467cee9f7a178010f28dcef063db1160755086745113f4fa0b9de606cb879acf50c58386300a3f46a07cf05bf429b0c53bf5652441276d151bf3469cc5760ced7dcab5f42bd8c849847072ac15742d81818b711a9207addc678c7b4d511fef383e9ebd95289d4534f1e80fb39d99a69248da41477644b626590dcfc14805e56285ab9674d08dfe045f60b03e754a16c51453ef85fc584cc1707bd28b95019481f8dd5321b939a7152a0b8e5c297fc9c25b02d887f1dce3ae01be79f53b9737cb8c01cdf1ea7474bcc452c89ea2a09da583df3e4390f4741689359603985ae5f839ea8b949363b8d890a4a75a69cda29fbe319d0bdb094f3c457ac0c6686a9f30a7&cri=cO2XFWOUIU&ts=667&cb=1748413482597 Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, no-store, must-revalidate content-length 43 date Wed, 28 May 2025 06:24:42 GMT pragma no-cache content-type image/gif
GET		f03bf9ed-728b-4b59-aeb1-6c6db745e432 https://mx.www.safe-driver-discount-12295.bond/	0 0
GET H2	200	yes Show response mx.www.safe-driver-discount-12295.bond/munin/a/tr/answercheck/	0 65 B	138ms 138ms	XHR text/html	104.247.81.94 TEAMINTERNET-CA-A...
General Check archive.org Show headers Download Go to Full URL https://mx.www.safe-driver-discount-12295.bond/munin/a/tr/answercheck/yes?domain=safe-driver-discount-12295.bond&caf=1&toggle=answercheck&answer=yes&uid=MTc0ODQxMzQ4MS4wODkxOjZmZTg5Mzg5ZjMyNzhiYjdiZDhhZGRiZDdmMjQzZjdhNTVhMWFhNTJkMDcwODhlMWYzODUzMjVkZWRmZTg2MTk6NjgzNmFjMjkxNWJmYQ%3D%3D Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.247.81.94 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE), Reverse DNS Software Caddy, Caddy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers viewport-width 1600 ect 4g Referer https://mx.www.safe-driver-discount-12295.bond/ device-memory 8 dpr 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 rtt 150 downlink 6.25 Response headers accept-ch viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime 30 x-custom-track answercheck access-control-allow-origin * alt-svc h3=":8443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:42 GMT content-type text/html; charset=UTF-8 server Caddy, Caddy
GET H2	200	adloaded Show response mx.www.safe-driver-discount-12295.bond/munin/a/tr/	0 63 B	142ms 142ms	XHR text/html	104.247.81.94 TEAMINTERNET-CA-A...
General Check archive.org Show headers Download Go to Full URL https://mx.www.safe-driver-discount-12295.bond/munin/a/tr/adloaded?toggle=adloaded&uid=MTc0ODQxMzQ4MS4wODkxOjZmZTg5Mzg5ZjMyNzhiYjdiZDhhZGRiZDdmMjQzZjdhNTVhMWFhNTJkMDcwODhlMWYzODUzMjVkZWRmZTg2MTk6NjgzNmFjMjkxNWJmYQ%3D%3D&domain=safe-driver-discount-12295.bond&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet02%22%2C%22adult%22%3Afalse%7D%7D%2C%22terms%22%3A%22%22%7D Requested by Host: mx.www.safe-driver-discount-12295.bond URL: https://mx.www.safe-driver-discount-12295.bond/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.247.81.94 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE), Reverse DNS Software Caddy, Caddy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers viewport-width 1600 ect 4g Referer https://mx.www.safe-driver-discount-12295.bond/ device-memory 8 dpr 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 rtt 150 downlink 6.25 Response headers accept-ch viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile accept-ch-lifetime 30 x-custom-track adloaded access-control-allow-origin * alt-svc h3=":8443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:43 GMT content-type text/html; charset=UTF-8 server Caddy, Caddy
GET H2	200	search.svg afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame F269	391 B 385 B	390ms 125ms	Image image/svg+xml	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff Requested by Host: syndicatedsearch.goog URL: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=bucket007%2C000003%2C%2Cbucket102%2Cbucket077&client=dp-teaminternet02&r=m&hl=en&rpbu=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.mmNYMOo9n-b591wTx-jdsA94HvyLeoOSk2S37MkewOS9FqzcOHaJQw.zFkfX27nUdbP-OD2p_Bp6g.CODKqFx5axze6A-ohJlAx1AAL3WJ3BrXqKiaHDvwdU5XK5tHXN6m2kgh3zoWBht45p6I-0s2bLci9u2PfDkggk_brtshYdSGeMPCQdRl6TQfXetsHP98k-b7yjRES-3n3Kh0rQFz3r3wQD27oss4Z_Osqs2wQqY7cmuRbzi9TAqyFtrh03RqyzVUmy-_ZyCKHN2RNKcQVipdkrsmkrjd8kZgD8vAy_RXz6Fe4IQACvjQrwijjbDvEG0Ev5W9okI8wuaadWEFpjRjwekiR5U8UkHVmGwxtGkatjU6gz_r1VlTaEmfUoQQzi_nYqna4PO5CgjBFiUwmgpfvV8nW7mn6b7YywvJMZm292KmR56GmoRqdctUxP3FEnY95EfcuRLyRAR7CSfL-Ri3qBSbhMobUSEPc3KnR_oO80ljTxVsobnYqpAIq2fMBAg0_90pz_8GTNy-vG32LwBS8nDY0vpJXXHF7Ftwow9O1h7LAfn8GHt7CxuJYBIg3KQMKtcLPuX7Jm-pYrXrPkS9IycubfpUAZErbzDs63NLDEEK8gYFmhUmm9k3tnbkUErC5TRIbOv-dTKxdfjZ7we9IEf-GheDvWLetRaMpJSMvJkXv5EUA_d3dLgqWEaB4MgxFjt8L1kn.L0iV0qU97zujZU1N0UeWMw&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-oo-1841436567816528&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107&format=r3%7Cs&nocache=6931748413482036&num=0&output=afd_ads&domain_name=mx.www.safe-driver-discount-12295.bond&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1748413482037&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://syndicatedsearch.goog/ Response headers content-encoding gzip age 23819 report-to {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} x-content-type-options nosniff expires Wed, 28 May 2025 22:47:44 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 23:47:44 GMT last-modified Thu, 20 Jul 2023 22:48:00 GMT content-type image/svg+xml vary Accept-Encoding content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cache-control public, max-age=82800 cross-origin-opener-policy same-origin; report-to="afs-native-asset-managers" accept-ranges bytes content-length 270 x-xss-protection 0 server sffe
GET H2	200	chevron.svg afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame F269	200 B 700 B	385ms 122ms	Image image/svg+xml	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff Requested by Host: syndicatedsearch.goog URL: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=5837883959&pcsa=false&channel=bucket007%2C000003%2C%2Cbucket102%2Cbucket077&client=dp-teaminternet02&r=m&hl=en&rpbu=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.mmNYMOo9n-b591wTx-jdsA94HvyLeoOSk2S37MkewOS9FqzcOHaJQw.zFkfX27nUdbP-OD2p_Bp6g.CODKqFx5axze6A-ohJlAx1AAL3WJ3BrXqKiaHDvwdU5XK5tHXN6m2kgh3zoWBht45p6I-0s2bLci9u2PfDkggk_brtshYdSGeMPCQdRl6TQfXetsHP98k-b7yjRES-3n3Kh0rQFz3r3wQD27oss4Z_Osqs2wQqY7cmuRbzi9TAqyFtrh03RqyzVUmy-_ZyCKHN2RNKcQVipdkrsmkrjd8kZgD8vAy_RXz6Fe4IQACvjQrwijjbDvEG0Ev5W9okI8wuaadWEFpjRjwekiR5U8UkHVmGwxtGkatjU6gz_r1VlTaEmfUoQQzi_nYqna4PO5CgjBFiUwmgpfvV8nW7mn6b7YywvJMZm292KmR56GmoRqdctUxP3FEnY95EfcuRLyRAR7CSfL-Ri3qBSbhMobUSEPc3KnR_oO80ljTxVsobnYqpAIq2fMBAg0_90pz_8GTNy-vG32LwBS8nDY0vpJXXHF7Ftwow9O1h7LAfn8GHt7CxuJYBIg3KQMKtcLPuX7Jm-pYrXrPkS9IycubfpUAZErbzDs63NLDEEK8gYFmhUmm9k3tnbkUErC5TRIbOv-dTKxdfjZ7we9IEf-GheDvWLetRaMpJSMvJkXv5EUA_d3dLgqWEaB4MgxFjt8L1kn.L0iV0qU97zujZU1N0UeWMw&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-oo-1841436567816528&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717107&format=r3%7Cs&nocache=6931748413482036&num=0&output=afd_ads&domain_name=mx.www.safe-driver-discount-12295.bond&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1748413482037&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&nfp=1&jsv=761064736&rurl=https%3A%2F%2Fmx.www.safe-driver-discount-12295.bond%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://syndicatedsearch.goog/ Response headers content-encoding gzip age 31684 report-to {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} x-content-type-options nosniff expires Wed, 28 May 2025 20:36:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 27 May 2025 21:36:39 GMT last-modified Thu, 02 Nov 2023 22:48:00 GMT content-type image/svg+xml vary Accept-Encoding content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cache-control public, max-age=82800 cross-origin-opener-policy same-origin; report-to="afs-native-asset-managers" accept-ranges bytes content-length 174 x-xss-protection 0 server sffe
GET H2	200	favicon.ico mx.www.safe-driver-discount-12295.bond/	0 79 B	131ms 130ms	Other image/vnd.microsoft.icon	104.247.81.94 TEAMINTERNET-CA-A...
General Check archive.org Show headers Download Go to Full URL https://mx.www.safe-driver-discount-12295.bond/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.247.81.94 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE), Reverse DNS Software Caddy, Caddy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers viewport-width 1600 ect 4g Referer https://mx.www.safe-driver-discount-12295.bond/ device-memory 8 dpr 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 rtt 150 downlink 6.25 Response headers etag "da0vc2psyw9c0" accept-ranges bytes alt-svc h3=":8443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:43 GMT content-type image/vnd.microsoft.icon last-modified Tue, 20 May 2025 09:08:55 GMT server Caddy, Caddy vary Accept-Encoding
POST H2	200	mon Show response obseu.astarsbuilding.com/	0 164 B	209ms 207ms	XHR application/json	2a05:d018:56f:b802:834:8d0e:be2f:5ebe AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://obseu.astarsbuilding.com/mon Requested by Host: euob.astarsbuilding.com URL: https://euob.astarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers access-control-allow-origin https://mx.www.safe-driver-discount-12295.bond content-length 0 date Wed, 28 May 2025 06:24:43 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE
GET H2	204	gen_204 syndicatedsearch.goog/afs/	0 510 B	378ms 132ms	Image text/html	2607:f8b0:4004:c1d::8a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet02&output=uds_ads_only&zx=vujr7kpi6nwk&cd_fexp=72717107&aqid=Kqw2aNTZGPrJnboPsIuuqAg&psid=5837883959&pbt=bs&adbx=535&adby=129&adbh=520&adbw=530&adbah=160%2C160%2C182&adbn=master-1&eawp=partner-dp-teaminternet02&errv=761064736&csala=6%7C0%7C524%7C305%7C165&lle=0&ifv=1&hpt=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-xVX4QORUJk94bhOHBAG4Jg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-xVX4QORUJk94bhOHBAG4Jg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy same-origin-allow-popups; report-to="gws" report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} permissions-policy unload=() alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:44 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server gws x-frame-options SAMEORIGIN
GET H2	204	gen_204 syndicatedsearch.goog/afs/	0 203 B	379ms 134ms	Image text/html	2607:f8b0:4004:c1d::8a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet02&output=uds_ads_only&zx=3x75lko8fku&cd_fexp=72717107&aqid=Kqw2aNTZGPrJnboPsIuuqAg&psid=5837883959&pbt=bv&adbx=535&adby=129&adbh=520&adbw=530&adbah=160%2C160%2C182&adbn=master-1&eawp=partner-dp-teaminternet02&errv=761064736&csala=6%7C0%7C524%7C305%7C165&lle=0&ifv=1&hpt=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-ve3MJZC2v5y562Z-fAaDSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-ve3MJZC2v5y562Z-fAaDSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy same-origin-allow-popups; report-to="gws" report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} permissions-policy unload=() alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 28 May 2025 06:24:44 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server gws x-frame-options SAMEORIGIN
POST H2	200	mon Show response obseu.astarsbuilding.com/	0 39 B	209ms 207ms	XHR application/json	2a05:d018:56f:b802:834:8d0e:be2f:5ebe AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://obseu.astarsbuilding.com/mon Requested by Host: euob.astarsbuilding.com URL: https://euob.astarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://mx.www.safe-driver-discount-12295.bond/ Response headers access-control-allow-origin https://mx.www.safe-driver-discount-12295.bond content-length 0 date Wed, 28 May 2025 06:24:45 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mx.www.safe-driver-discount-12295.bond

URL

blob:https://mx.www.safe-driver-discount-12295.bond/f03bf9ed-728b-4b59-aeb1-6c6db745e432

16 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| tcblock object| searchboxBlock function| getXMLhttp function| ajaxQuery function| ajaxBackfill function| loadFeed object| xmlHttp function| ls function| getLoadFeedArguments function| __ctcg_ct_77721_exec number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| _cq

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.safe-driver-discount-12295.bond/	1970-01-21 07:51:37	Name: _cq_duid Value: 1.1748413481.1OqD2Vd0NkEwMdSe
			.safe-driver-discount-12295.bond/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1748413481.qknnL2tbSgWPVgXT
			.safe-driver-discount-12295.bond/	1970-01-21 15:01:49	Name: __gsas Value: ID=55ff5540eddb4069:T=1748413482:RT=1748413482:S=ALNI_MZXG9H7bBRzha12m_L1B1mjB0Lngg
			obseu.astarsbuilding.com/	1970-01-21 13:44:03	Name: cg_uuid Value: bb51a6d53b5055947b34f72291c9fc5f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://mx.www.safe-driver-discount-12295.bond/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D04701343E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
d1t9jheyiyj1h6.cloudfront.net
euob.astarsbuilding.com
mx.www.safe-driver-discount-12295.bond
obseu.astarsbuilding.com
partner.googleadservices.com
syndicatedsearch.goog
www.google.com
mx.www.safe-driver-discount-12295.bond
104.247.81.94
172.253.115.155
2600:9000:269f:2e00:1d:2a46:e80:21
2600:9000:26a0:9000:18:8b36:9d00:93a1
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::69
2607:f8b0:4004:c1d::8a
2a05:d018:56f:b802:834:8d0e:be2f:5ebe
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
393ee3bfff871016be4663ce0b01eb7c7049fe3cde59c5e26f56f3fb4d8f5f77
40ef45e9b2b297a246b65c01c4889bc729625b00c52d2705732255042b788e25
485135ea42bae51bdde5a89026f3038fee0b7702ca0dcfda671c52bfae9f2773
55402093d06059b190f876204f9a99aa4e9f0bb804011f7a16de4836e4c09c28
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
724e1b80fcb55ea88e43b1a39e24310402c2c24dae14749a685d46abedb130a8
79d5f5059e8e8b7117326e96679439c1fc378566352a292047a3dcda02348924
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ab293c6575480097e094eb0a3a7b1d7a72e5a3ba0ffb266ba416b1b4de9d401
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855