URL: https://savings.insurancebargains.net/
Submission: On February 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 20.69.117.1, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is savings.insurancebargains.net.
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.
This is the only time savings.insurancebargains.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
12        20.69.117.1        8075 (MICROSOFT...)
4         3.11.150.0         16509 (AMAZON-02)
1         108.157.4.79       16509 (AMAZON-02)
1         2606:4700:10:...   13335 (CLOUDFLAR...)
5         52.6.30.198        14618 (AMAZON-AES)
1         13.32.118.65       16509 (AMAZON-02)
1         44.196.193.95      14618 (AMAZON-AES)
Total: 25 requests, 7 IPs
Requests  Apex Domain / Subdomains                                   Transfer
12        insurancebargains.net                                      89 KB
            savings.insurancebargains.net
5         leadid.com                                                 3 KB
            create.leadid.com — Cisco Umbrella Rank: 14251
5         anura.io                                                   21 KB
            script.anura.io — Cisco Umbrella Rank: 49459
            ads.anura.io — Cisco Umbrella Rank: 81384
1         trueleadid.com                                             2 KB
            deviceid.trueleadid.com — Cisco Umbrella Rank: 15651
1         cloudfront.net                                             2 KB
            d2m2wsoho8qq12.cloudfront.net
1         lidstatic.com                                              39 KB
            create.lidstatic.com — Cisco Umbrella Rank: 22400
Total: 25 requests, 6 apex domains
Requests  Domain                           Requested by
12        savings.insurancebargains.net    savings.insurancebargains.net
5         create.leadid.com                create.lidstatic.com
                                           deviceid.trueleadid.com
4         script.anura.io                  savings.insurancebargains.net
                                           script.anura.io
1         deviceid.trueleadid.com          d2m2wsoho8qq12.cloudfront.net
1         d2m2wsoho8qq12.cloudfront.net    create.lidstatic.com
1         create.lidstatic.com             savings.insurancebargains.net
1         ads.anura.io                     script.anura.io
Total: 25 requests, 7 subdomains

This site contains no links.

Subject                        Issuer                   Validity                 Valid
savings.insurancebargains.net  R3                       2023-02-15 - 2023-05-16  3 months
script.anura.io                Amazon                   2022-07-12 - 2023-08-10  a year
ads.anura.io                   Amazon                   2022-06-29 - 2023-07-28  a year
lidstatic.com                  Cloudflare Inc ECC CA-3  2022-03-30 - 2023-03-30  a year
create.leadid.com              Amazon                   2022-09-21 - 2023-10-19  a year
*.cloudfront.net               Amazon RSA 2048 M01      2022-12-08 - 2023-12-07  a year
deviceid.trueleadid.com        Amazon                   2022-12-08 - 2024-01-06  a year

This page contains 3 frames:

Primary Page: https://savings.insurancebargains.net/
Frame ID: 44319A15A6006D7914C65E9B80A09F6D
Requests: 22 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Frame ID: 6F29A79699C760F1ED100773257D6817
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Frame ID: BB3E73678DA7D5A6564D5EBBBDE936B8
Requests: 2 HTTP requests in this frame

Page Title

InsuranceBargains | Auto Insurance

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 14 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 157 kB
Size: 360 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
savings.insurancebargains.net/
9 KB
4 KB
Document
General
Full URL
https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
8a9d093ceac22f0c0d20aff5bae6daf84d29623be98906b6abb93e3482665261
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Feb 2023 12:48:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-xss-protection
1; mode=block
layout.css
savings.insurancebargains.net/landing/Auto/qis/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://savings.insurancebargains.net/landing/Auto/qis/css/layout.css
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0448e770a1d3e803604075e350f72a15962b3fa6098b14ac7f118ce1bdfc0356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 18 Oct 2022 11:37:23 GMT
etag
W/"634e8ff3-2c8f"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
custom.css
savings.insurancebargains.net/css/frontend/
413 B
716 B
Stylesheet
General
Full URL
https://savings.insurancebargains.net/css/frontend/custom.css
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca1b39184cbe3b7cc53c8de16c49bb3acb80e32127ad2d8a732211b174e4dbd9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 15 Feb 2022 14:29:26 GMT
etag
"620bb8c6-19d"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31104000
accept-ranges
bytes
content-length
413
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
sibs.png
savings.insurancebargains.net/logos/
15 KB
16 KB
Image
General
Full URL
https://savings.insurancebargains.net/logos/sibs.png
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
686ec04932f0e5978a95d3ad807afb4999b2460b62c63a9c08f9fd998a3bd0f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 07:36:37 GMT
etag
"63870805-3cec"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
content-length
15596
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
img03.jpg
savings.insurancebargains.net/landing/Auto/qis/images/
29 KB
29 KB
Image
General
Full URL
https://savings.insurancebargains.net/landing/Auto/qis/images/img03.jpg
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f39e45d88afb6d3a04525b47714cb078a5b0a20933d91da514c62d59bb6b3993
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 10 Feb 2022 12:57:01 GMT
etag
"62050b9d-72cc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
content-length
29388
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
jquery-2.2.3.min.js
savings.insurancebargains.net/js/frontend/
84 KB
30 KB
Script
General
Full URL
https://savings.insurancebargains.net/js/frontend/jquery-2.2.3.min.js
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04685bdefed2099cae5f544505b8319ee7ae4d0a7f90a93b2e764bde5cad1de6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 27 Aug 2021 13:58:34 GMT
etag
W/"6128ef8a-14e9a"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
validation.js
savings.insurancebargains.net/js/
12 KB
2 KB
Script
General
Full URL
https://savings.insurancebargains.net/js/validation.js
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c99266c9e99b6029ec1bf10c72f8b599caadee3d580d1f1231a75849b244f205
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 13 Jan 2022 09:58:40 GMT
etag
W/"61dff7d0-2f7b"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
landing.js
savings.insurancebargains.net/js/
11 KB
2 KB
Script
General
Full URL
https://savings.insurancebargains.net/js/landing.js
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff1ca0fe12dde4ce5374c68aba0fe142b848782b4871c412c558482e9c93ba0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 22 Dec 2022 10:25:44 GMT
etag
W/"63a430a8-2a5b"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
form_validation.js
savings.insurancebargains.net/js/
2 KB
894 B
Script
General
Full URL
https://savings.insurancebargains.net/js/form_validation.js
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47149ccce4364ba4495df62176857061e10c78b9f755596c46a922897daf7af1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 18 Oct 2022 05:18:32 GMT
etag
W/"634e3728-63b"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
criteo_event_call.js
savings.insurancebargains.net/js/
3 KB
1 KB
Script
General
Full URL
https://savings.insurancebargains.net/js/criteo_event_call.js
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d8f7961f0862795b0a5054a126ffaad4adcb6bcc86ea4bd5f971ec84532a854
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 07 Nov 2022 11:10:26 GMT
etag
W/"6368e7a2-d67"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
generic_calls.js
savings.insurancebargains.net/js/
310 B
633 B
Script
General
Full URL
https://savings.insurancebargains.net/js/generic_calls.js
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b81feaf7885d0f1b7ad3ed370d6eecec6edc36b946a80aba83fdb3a4ce0fabc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 08 Dec 2022 11:22:24 GMT
etag
"6391c8f0-136"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
accept-ranges
bytes
content-length
310
x-xss-protection
1; mode=block
expires
Sat, 10 Feb 2024 12:48:42 GMT
request.js
script.anura.io/
53 KB
19 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=52457339&source=undefined&campaign=undefined&exid=9232651_SIBS&callback=anuraResponseHandler&598188077456
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.150.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-150-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bcd60ebbacc78571b31ae08c7351d9e81c1974d5af28be29f2c959d486a91ae9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 12:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
showads.js
ads.anura.io/
0
351 B
XHR
General
Full URL
https://ads.anura.io/showads.js?526748005516
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=52457339&source=undefined&campaign=undefined&exid=9232651_SIBS&callback=anuraResponseHandler&598188077456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-79.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:55:10 GMT
content-encoding
gzip
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P2
age
10412
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
UeVJLdPYr-gUhFbkm-_I2a5k12c-6GNof_s2aSL2HB3JVCZQA4Qyfw==
e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js
create.lidstatic.com/campaign/
123 KB
39 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a0aabbe776399a85220bf97a3482e59793ee730c348c779a764e51a6252fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://savings.insurancebargains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:43 GMT
x-amz-version-id
FkuwImpCc8hI5QllpZn.ifk3kxTwQbIS
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 12 Nov 2021 01:26:59 GMT
server
cloudflare
x-amz-request-id
T0WHCFZGA3673G5N
etag
W/"528ba83e2f53fc499b29c43bd3c47805"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
799e28cb0e0f9249-FRA
x-amz-id-2
Q5nlUbwzZ98ROzGbigd03niaN7vXEdfCzQrxUHP9ctdBY1L+1XygFLUba/IQLIpsAX4Rxow+ADw=
response.json
script.anura.io/
93 B
441 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=52457339&source=undefined&campaign=undefined&exid=9232651_SIBS&callback=anuraResponseHandler&598188077456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.150.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-150-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cc5a54e66a45775534e8ffac00f474e56d1771b92c393a9dae4d292aa4d7fcfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 12:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
cnf.php
script.anura.io/
0
353 B
XHR
General
Full URL
https://script.anura.io/cnf.php
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=52457339&source=undefined&campaign=undefined&exid=9232651_SIBS&callback=anuraResponseHandler&598188077456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.150.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-150-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 12:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
result.json
script.anura.io/
41 B
396 B
XHR
General
Full URL
https://script.anura.io/result.json
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.150.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-150-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 12:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
GenerateToken
create.leadid.com/2.11.9/
36 B
660 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=bb3e0502-efd9-4242-8ef8-0147ef515afd&_=718278589
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-30-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9258476d7782a261fdd6bc8d38fe0db04f212447d260a0f6b959e12c30f1957c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 15 Feb 2023 12:48:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
update-anura-status
savings.insurancebargains.net/
0
921 B
XHR
General
Full URL
https://savings.insurancebargains.net/update-anura-status
Requested by
Host: savings.insurancebargains.net
URL: https://savings.insurancebargains.net/js/frontend/jquery-2.2.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.69.117.1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://savings.insurancebargains.net/
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
NIxfzydAuQl2cIKpe6n84UBWG7KQIBHhodqwrgnH
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 15 Feb 2023 12:48:46 GMT
cache-control
no-cache, private
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 6F29
3 KB
2 KB
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-65.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://savings.insurancebargains.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
58723
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 14 Feb 2023 20:30:00 GMT
ETag
W/"63d8282d-dbb"
Last-Modified
Mon, 30 Jan 2023 20:27:25 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ECU_5L2jmetWNHj2Z3bDuoIfYcG68I3t4EhJIPcx6BvwK5_9B0dZhQ==
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=bb3e0502-efd9-4242-8ef8-0147ef515afd&token=775D867D-9068-55B8-65AF-1646DB514F61&_=718278590
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-30-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 15 Feb 2023 12:48:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=bb3e0502-efd9-4242-8ef8-0147ef515afd&token=775D867D-9068-55B8-65AF-1646DB514F61&_=718278591
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-30-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 15 Feb 2023 12:48:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame BB3E
4 KB
2 KB
Document
General
Full URL
https://deviceid.trueleadid.com/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.193.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-193-95.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 15 Feb 2023 12:48:43 GMT
etag
W/"63dbe867-1049"
expires
Thu, 16 Feb 2023 12:48:43 GMT
last-modified
Thu, 02 Feb 2023 16:44:23 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
create.leadid.com/2.11.9/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=4&pid=bb3e0502-efd9-4242-8ef8-0147ef515afd&token=775D867D-9068-55B8-65AF-1646DB514F61&_=718278592
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-30-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://savings.insurancebargains.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 15 Feb 2023 12:48:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame BB3E
0
628 B
Script
General
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=28E26C96-47B1-6572-594C-870A142734FA&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&methods=48&token=775D867D-9068-55B8-65AF-1646DB514F61&uuid=355574aa561b4af2a29a366aa51de79b
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-30-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 12:48:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT


64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange function| anuraResponseHandler function| resultHandler object| Anura function| $ function| jQuery string| results_url string| flow_url function| isValidEmail function| validateGender function| validateIsInsured function| validateOwnHome function| validateMaritalStatus function| validateHeight function| validateWeight function| validateAge function| validateDateOfBirth function| validateNames function| validateEmail function| validateAddressBKP function| validateAddress function| validateCity function| validateState function| validateZipCode function| validatePhone function| getObviouseValue function| validateMedicalCondition function| validateYears function| validateMonths function| validateHHSize function| validateHHIncome function| validateVehicleYears function| validateVehicleMake function| validateVehicleModel function| validateVehicleSubModel function| validateNumberOfVehicles function| validateHeaderZipCode function| validateAgeyear function| validateIsInsuredField function| validateDOB function| validateForm function| validateMultiFieldsForm function| validateTwoFieldsForm function| validateDOBForm function| is_app function| handle_lb_redirect function| validateMultiFieldsHomeForm function| validateMultiFieldsAutoNoVehicleForm function| validatePersonalloanForm function| validatePersonalloanSliderForm string| tid_criteo string| update_anura_status_url function| validateNamesV2 function| validateAddressV2 function| criteoEventCall function| updateAnuraStatus object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame

5 Cookies

Domain/Path Name / Value
savings.insurancebargains.net/ Name: local_transaction_ids
Value: eyJpdiI6IlpJSEZOYkt1Qm40dm9VbGh4Yi9VeGc9PSIsInZhbHVlIjoiMFEra0hsaXVjZGhpbUJJNEVLS0x5TmtleXY4SENUOXZ1M3pZa2NHeGxzdHJORW9oa1FsRlRrWEZTWmZFREhVQzVldmw1ZU5mS1RvSHZ6TnlTNDdqMzgwa09ibWhhQ3JxODVDbWJ0ditVOU5xY3hCbDNtMGZTUFh4ak9YeGxobU9ncmhuQ2dDdk8vYnlnS0l4aURTZjdnPT0iLCJtYWMiOiJjYzZjYWNkZTRiNzlmMTEwODlkOTBjOTE3ODNkMjlmYTA0YTc2MDExZTQzN2IwZGY2ZDY2Y2E2MDAwNTNkMGVlIiwidGFnIjoiIn0%3D
savings.insurancebargains.net/ Name: leadid_token-28E26C96-47B1-6572-594C-870A142734FA-E4A414D8-5B2F-FC13-0E46-7F6E7994C38F
Value: 775D867D-9068-55B8-65AF-1646DB514F61
.deviceid.trueleadid.com/ Name: uuid
Value: 355574aa561b4af2a29a366aa51de79b
savings.insurancebargains.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNhaXR5T2NZSHg3Z0FYZDFGMTFuekE9PSIsInZhbHVlIjoiWWlSeGN3M1ZDazZsK3FMR21lTlkvTmtqVnpIN000TktzNFZTT01QMGpMNTdDSElPN2hpWDlkQ0NaQkl6OGM3bS9iN0w3RmpXUUpxRnlkRXpDdzJMNHpUajFSTDVYWUJPcjNNOTY1aTJJemVETmNXeTNyVDhoYTV5TGRaeWpQRlYiLCJtYWMiOiJhNzFjZGEwY2I5MWQ3ZWY3OTRkOTQ1OGJkZDk1MWUxMjVjODE1ODFhNWFjODI4OTFhYWMwNDFmYWU0YjFhY2E5IiwidGFnIjoiIn0%3D
savings.insurancebargains.net/ Name: admin_panel_session
Value: eyJpdiI6InI4OTdOTVpUSlkvVmtQQ0JnazMwd2c9PSIsInZhbHVlIjoiQVA0cisvUW1WMmxQeExYVVhFazkzaEJUUVQ1eWh6dXJHd1AxbXg1T3lac3lDS2hsajNRRS9TcHdIQ2ljb1ZPd1NQTUZRUnU4N1hJbVltOUdRVUhvVGVwWEwvc1M2T1EvWmQyMjFTLzBOWUdrY0ZhWnUrSXV6SnNIeDZHaTNYcisiLCJtYWMiOiI0MDc5MGY1MWE2MThkYzhiYjk1Y2JmYTFiMjBjMzUwNTM4YmMyYWYzOGViODFkMzA2YjRhNTAzMDc5NDRjY2U5IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
