Submitted URL: http://epoint.pt/nhuz
Effective URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Submission: On October 28 via manual from US

Summary

This website contacted 4 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 35.227.239.114, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is provide-insurance.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 1st 2020. Valid for: 3 months.
This is the only time provide-insurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 187.45.193.156 27715 (Locaweb S...)
1 1 85.95.249.81 49467 (EUROTA-AS...)
1 1 34.237.29.129 14618 (AMAZON-AES)
1 1 52.34.202.34 16509 (AMAZON-02)
1 35.227.239.114 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 99.86.2.16 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
18 4
     Apex Domain              Subdomains               Transfer
12   everquote.com            cdn.everquote.com        66 KB
4    gstatic.com              fonts.gstatic.com        40 KB
1    googleapis.com           fonts.googleapis.com     976 B
1    provide-insurance.com    provide-insurance.com    11 KB
1    trkxyz.com               trkxyz.com               802 B
1    mrktrecord13.com         mrktrecord13.com         302 B
1    xhuauto.com              xhuauto.com              271 B
1    epoint.pt                epoint.pt                255 B
18   8
Domain Requested by
12 cdn.everquote.com provide-insurance.com
4 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com provide-insurance.com
1 provide-insurance.com
1 trkxyz.com 1 redirects
1 mrktrecord13.com 1 redirects
1 xhuauto.com 1 redirects
1 epoint.pt 1 redirects
18 8

This site contains no links.

Subject                    Issuer                        Validity                   Valid
everquote.com              Let's Encrypt Authority X3    2020-09-01 - 2020-11-30    3 months
upload.video.google.com    GTS CA 1O1                    2020-10-06 - 2020-12-29    3 months
*.gstatic.com              GTS CA 1O1                    2020-10-06 - 2020-12-29    3 months

This page contains 1 frames:

Primary Page: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Frame ID: 35D288368D6DA06BF80AB353134D46C9
Requests: 18 HTTP requests in this frame

Page URL History

  1. http://epoint.pt/nhuz HTTP 301
    http://xhuauto.com/1719194tI2665033AX0YB0LR38BGr98396WD HTTP 302
    http://mrktrecord13.com/?E=n0v4JD5ZvF2PazWGnOztcd0zkULQJWUY&s1=1719194&s2=8b-1719194-2665033-98396-0... HTTP 302
    https://trkxyz.com/?E=n0v4JD5ZvF2PazWGnOztcd0zkULQJWUY&s1=1719194&s2=8b-1719194-2665033-98396-0... HTTP 302
    https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

18 Requests
100 % HTTPS
25 % IPv6
8 Domains
8 Subdomains
4 IPs
4 Countries
117 kB Transfer
143 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://epoint.pt/nhuz HTTP 301
    http://xhuauto.com/1719194tI2665033AX0YB0LR38BGr98396WD HTTP 302
    http://mrktrecord13.com/?E=n0v4JD5ZvF2PazWGnOztcd0zkULQJWUY&s1=1719194&s2=8b-1719194-2665033-98396-0-06834 HTTP 302
    https://trkxyz.com/?E=n0v4JD5ZvF2PazWGnOztcd0zkULQJWUY&s1=1719194&s2=8b-1719194-2665033-98396-0-06834&ckmguid=dc205313-fb84-4707-a9fe-881e1307932b HTTP 302
    https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
provide-insurance.com/
Redirect Chain
  • http://epoint.pt/nhuz
  • http://xhuauto.com/1719194tI2665033AX0YB0LR38BGr98396WD
  • http://mrktrecord13.com/?E=n0v4JD5ZvF2PazWGnOztcd0zkULQJWUY&s1=1719194&s2=8b-1719194-2665033-98396-0-06834
  • https://trkxyz.com/?E=n0v4JD5ZvF2PazWGnOztcd0zkULQJWUY&s1=1719194&s2=8b-1719194-2665033-98396-0-06834&ckmguid=dc205313-fb84-4707-a9fe-881e1307932b
  • https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
10 KB
11 KB
Document
General
Full URL
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.239.114 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.239.227.35.bc.googleusercontent.com
Software
/
Resource Hash
1385e98f0ed4a51510b9da732500d855e136a099e0154ee50987d25c12100f57

Request headers

:method
GET
:authority
provide-insurance.com
:scheme
https
:path
/?tid=156&subid=42343&subid2=1719194
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 28 Oct 2020 17:26:35 GMT
content-type
text/html; charset=utf-8
via
1.1 google
alt-svc
clear

Redirect headers

Cache-Control
private
Content-Length
190
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Oct 2020 17:26:34 GMT
Location
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=Jl+040fmUqBS9BAXR5xNyyZgvASQML/XJG9U2nSYoHLbdlQM8k+ebg==; domain=.trkxyz.com; path=/; SameSite=None; secure; HttpOnly trk=Ab6xOO8JMBb6ZpcnlNanuiZgvASQML/XJG9U2nSYoHLbdlQM8k+ebg==; domain=.trkxyz.com; expires=Tue, 28-Oct-2025 13:26:34 GMT; path=/; SameSite=None; secure; HttpOnly c31483=Jl+040fmUqCGpq9P6FdeDNyJLba1IPTj9j4WUfBZ2Lu2jVyNEE1qqw==; domain=.trkxyz.com; expires=Fri, 27-Nov-2020 17:26:34 GMT; path=/; SameSite=None; secure; HttpOnly
Connection
close
css
fonts.googleapis.com/
9 KB
976 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c206e348e43df74d75735c276027544d7a9a425495edbf3df3197d17ef7778ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Oct 2020 17:26:35 GMT
server
ESF
date
Wed, 28 Oct 2020 17:26:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Oct 2020 17:26:35 GMT
agentSpotlightSandraCook.png
cdn.everquote.com/static-assets/gdpr/
17 KB
18 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/agentSpotlightSandraCook.png
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7001dab4181f346cf3be6130694db5dba4d80a01f34d77fdc8cc0f61c993d66e

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
09hHyEW1jX9eK6UDVQ2s697wf6MCcKd1
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Thu, 12 Mar 2020 15:12:44 GMT
server
AmazonS3
age
15313
etag
"a51dc6e582e2e308a0154420561854ee"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Wed, 28 Oct 2020 13:11:23 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
17874
x-amz-cf-id
Z-ws41f-a_osEHWnpW4rEuHSp-A5LV5G1_E5au7uq7UKMbrK6iS3_g==
logo.png
cdn.everquote.com/static-assets/gdpr/
4 KB
4 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/logo.png
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84be56261d71a8e1e73e4d604287f43e909b56081a38a803a9d543c4f1bba73e

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Ny56quWrrZJUqqycfPfd8dhwZSxAXoUX
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Wed, 11 Mar 2020 18:00:49 GMT
server
AmazonS3
age
17111
etag
"99886329dd0e9bd824a5c15628d68441"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Wed, 28 Oct 2020 12:41:25 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3952
x-amz-cf-id
h0HpIYOjdqWjM0k2w31K6oqSypytBgw0ab1kxhEQxtd4LWayoNEKHg==
heroDesktop.svg
cdn.everquote.com/static-assets/gdpr/
5 KB
3 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/heroDesktop.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1871d1c293d33ed68542a42a1705d972bf79c19cb8e36656dff00234b3f5ceee

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 18:47:07 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 18:00:36 GMT
server
AmazonS3
age
81569
etag
W/"f6ccd4e32406153876c26704d8d24c83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
jEEaauT01IcSv6rOlw41tEh7jRucfhFz
status
200
x-amz-cf-pop
FRA6-C1
content-type
image/svg+xml
x-amz-cf-id
m0Cnn4YHMewAR9ujo9s-rH5XjZgkllxiiE8vVgJLeg0Eh5u5MojDpQ==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
partnerLogosLeft.png
cdn.everquote.com/static-assets/gdpr/
10 KB
10 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/partnerLogosLeft.png
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97ca8b83b92e3e01b09ae4b3ba1982bb4d1686a6e89a74967eac5426fa7f468a

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 22:50:49 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Wed, 11 Mar 2020 19:38:24 GMT
server
AmazonS3
age
66947
etag
"1912e9f7638e5d97f3bb22976e5912a4"
x-cache
Hit from cloudfront
x-amz-version-id
C3YgYX6KmA22DFjKFrmZyDrlP.fjL.2M
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
10253
x-amz-cf-id
xFrggIkWLI0ZmhJsARdSFv1xVfy40flHbDipoTl4aJYLt_RpcYJm2A==
partnerLogosRight.png
cdn.everquote.com/static-assets/gdpr/
14 KB
15 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/partnerLogosRight.png
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e55886e1a497f7a873cfdbfc73f56e6f83a5f72da20b6f8d656ea82cc3fce8a

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
u2ZLh59tR3BKf7qjt9s4Bn6mH53puxaN
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Wed, 11 Mar 2020 19:38:42 GMT
server
AmazonS3
age
17111
etag
"2cdb2324c938e215aa55a9855bfda458"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Wed, 28 Oct 2020 12:41:25 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
14479
x-amz-cf-id
IiqtQEEdEDeVDDRWQSau8e98fT5f-AR5VXnq4Pb_QcejcJSD7wx5tQ==
profile.svg
cdn.everquote.com/static-assets/gdpr/
2 KB
2 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/profile.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b5110c387ba3d7280b9bb6a28c95de69430bcd7bf4090c0e310e2f5d30b20f0

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
QmQMpMi9mWPZR8rc3Xb5lMLJtg4OvrOs
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
65553
etag
"0eb455680fd8575f7995b962be261cd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
date
Tue, 27 Oct 2020 23:14:03 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
4DQLEpiyYKdVtgEDE-MZBle_KUWYIs7VqPJOn2Jgdt683fPwS5-CIQ==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
compare.svg
cdn.everquote.com/static-assets/gdpr/
3 KB
1 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/compare.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d85525eb8e784f802e6c98a363dcdb787beb53508594374d7222e52cd90ab15

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
lVELn66rkmWQH3SKKN6bu2BJuui9m6.e
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
65552
etag
"ff92ff136dd2713668a69b4e38ce096f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
date
Tue, 27 Oct 2020 23:14:04 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
co9zZDWPD8aQgQivk--hTXHUA1jftYGY6kJIQgU-7cTrcIfg5tF-8g==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
connect.svg
cdn.everquote.com/static-assets/gdpr/
2 KB
1 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/connect.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72939475797d403402d1ad31c87398a8ded90591f86c9fa7d2a720e19f9e88dd

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
U7M_vuanMcN.2fhm6UAQGz.FQus1hvJk
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
71103
etag
"2b1a1f4a89750e3a38d2e3bb139d7a41"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
date
Tue, 27 Oct 2020 21:41:32 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
E3FTBtl2ZEXLHIOPs7hqzCknSVbaNKc6kzrT8_oDTvWgo7NE9fRBGA==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
compareAndSave.svg
cdn.everquote.com/static-assets/gdpr/
8 KB
3 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/compareAndSave.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a9ba93e7024d79acbce3ce9f46211d5869ab679ddf7f6670d6c21efab8eab31

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
a6m4mHOM8qRZd9m1bkpvPifqqfWjDmLZ
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
65552
etag
"a25a1af72a235263b1d0b0bd92591207"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
date
Tue, 27 Oct 2020 23:14:04 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
1ylQXaZCkoXbSbVLYntXxYt-1bjGVY8SKFGKq1pKHdOMf-6f2E4VZQ==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
personalizedCoverage.svg
cdn.everquote.com/static-assets/gdpr/
10 KB
5 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/personalizedCoverage.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f5d9ef71e0cde8c63288db0ec2634134dfd5caf7a1a97d273e8345857c75886

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
YHEnnr02_GdDtccSyJTw6BvZFRRDihZj
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
15313
etag
"4bf6ee1fc73408357da4c9c17d9f99b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
date
Wed, 28 Oct 2020 13:11:23 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
rDEenjwzgKcvuq1PvOR9MPKc8OJMYr87B-OBAlsBfcdpz8jMaj2nBQ==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
fastAndSimple.svg
cdn.everquote.com/static-assets/gdpr/
3 KB
2 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/fastAndSimple.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5591a66f380df43aa04b2254a580220da4a53152e2053dcafd6dfef24ba06642

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
6MF2dYgDMGJUAWsEG8tkoK45MFGno1gL
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
65551
etag
"39287a6e14c836eb41fb8fdf382b6c52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
date
Tue, 27 Oct 2020 23:14:05 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
NljR9N84ngdv9KOg_EdLs_vOCf78zB4n-eau49Co4hbQ2bBnYKYxQA==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
speakWithAgents.svg
cdn.everquote.com/static-assets/gdpr/
5 KB
3 KB
Image
General
Full URL
https://cdn.everquote.com/static-assets/gdpr/speakWithAgents.svg
Requested by
Host: provide-insurance.com
URL: https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676be055de1d8a34200964ea837df70f0ed2bf7cb12521111e95e7ffc1500dc7

Request headers

Referer
https://provide-insurance.com/?tid=156&subid=42343&subid2=1719194
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 03:51:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 17:24:45 GMT
server
AmazonS3
age
48908
etag
W/"488cf746eb5607d6ec1981e44e9641dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
MDNxkYGc3pPsGsJoDgT0vRUUCenQP1MY
status
200
x-amz-cf-pop
FRA6-C1
content-type
image/svg+xml
x-amz-cf-id
6ICXuPA249miA8_EOHYgZr88yXhZW8oyh9Ka01AjuhjVLSeuq-yQZg==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://provide-insurance.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:20:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
21961
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:20:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://provide-insurance.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 26 Oct 2020 20:01:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
163528
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 26 Oct 2021 20:01:07 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://provide-insurance.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
21960
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:20:35 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://provide-insurance.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
21962
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:20:33 GMT

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
