urlscan.io logo urlscan.io
SecurityTrails logo

quote.free-insurance-quotes-now.com Open in urlscan Pro
216.109.216.75  Public Scan

Go To Rescan Add Verdict Report
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Submission: On July 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 70 HTTP transactions. The main IP is 216.109.216.75, located in United States and belongs to LIGHTEDGE-AS-02, US. The main domain is quote.free-insurance-quotes-now.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 12th 2023. Valid for: a year.
This is the only time quote.free-insurance-quotes-now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 216.109.216.75 11320 (LIGHTEDGE...)
8 13.225.84.203 16509 (AMAZON-02)
2 3.211.108.241 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 5 3.220.70.106 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
6 18.204.26.203 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
9 2620:1ec:c11:... 8068 (MICROSOFT...)
2 142.250.181.226 15169 (GOOGLE)
1 3 52.222.169.99 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 18.173.184.195 16509 (AMAZON-02)
2 35.190.72.161 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.242.173.36 14618 (AMAZON-AES)
1 35.190.36.172 15169 (GOOGLE)
1 2600:1901:0:2... 15169 (GOOGLE)
70 26
8    216.109.216.75 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: allwebleads.com
quote.free-insurance-quotes-now.com
www.usinsuranceonline.com
8    13.225.84.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-203.fra2.r.cloudfront.net
d2en6kvan5r1zc.cloudfront.net
2    3.211.108.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-108-241.compute-1.amazonaws.com
insurance.mediaalpha.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
5    3.220.70.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-70-106.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:2000:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
6    18.204.26.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-26-203.compute-1.amazonaws.com
create.leadid.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
3    52.222.169.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-99.cdg52.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:219c:8a00:f:7ab9:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)
d29u10q7qlh006.cloudfront.net
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.173.184.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-184-195.muc50.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2    35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
c.fqtag.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.242.173.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-173-36.compute-1.amazonaws.com
deviceid.trueleadid.com
1    35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com
cdn.fqtag.com
1    2600:1901:0:298e:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aux.fqtag.com
Apex Domain
Subdomains		 Transfer
11 cloudfront.net
d2en6kvan5r1zc.cloudfront.net
d29u10q7qlh006.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
370 KB
9 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
13 KB
7 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25091
cdn.trustedform.com — Cisco Umbrella Rank: 29459
42 KB
6 leadid.com
create.leadid.com — Cisco Umbrella Rank: 14416
4 KB
6 free-insurance-quotes-now.com
quote.free-insurance-quotes-now.com
7 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
6 KB
4 fqtag.com
c.fqtag.com — Cisco Umbrella Rank: 45440
cdn.fqtag.com — Cisco Umbrella Rank: 27332
aux.fqtag.com — Cisco Umbrella Rank: 29907
91 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 4752
779 B
4 google.com
www.google.com — Cisco Umbrella Rank: 10
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
869 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
2 usinsuranceonline.com
www.usinsuranceonline.com — Cisco Umbrella Rank: 947907
476 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 169
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
188 KB
2 mediaalpha.com
insurance.mediaalpha.com — Cisco Umbrella Rank: 26985
22 KB
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 15801
2 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 25724
39 KB
70 19
Domain Requested by
9 bat.bing.com www.googletagmanager.com
bat.bing.com
quote.free-insurance-quotes-now.com
8 d2en6kvan5r1zc.cloudfront.net quote.free-insurance-quotes-now.com
d2en6kvan5r1zc.cloudfront.net
cdn.trustedform.com
6 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
6 quote.free-insurance-quotes-now.com d2en6kvan5r1zc.cloudfront.net
5 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 www.google.de quote.free-insurance-quotes-now.com
4 www.google.com 1 redirects quote.free-insurance-quotes-now.com
4 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
3 sb.scorecardresearch.com 1 redirects quote.free-insurance-quotes-now.com
2 c.fqtag.com www.googletagmanager.com
cdn.fqtag.com
2 www.usinsuranceonline.com quote.free-insurance-quotes-now.com
2 d29u10q7qlh006.cloudfront.net quote.free-insurance-quotes-now.com
cdn.trustedform.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.trustedform.com quote.free-insurance-quotes-now.com
api.trustedform.com
2 www.googletagmanager.com quote.free-insurance-quotes-now.com
www.google-analytics.com
2 insurance.mediaalpha.com quote.free-insurance-quotes-now.com
insurance.mediaalpha.com
1 aux.fqtag.com cdn.fqtag.com
1 cdn.fqtag.com c.fqtag.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com client
1 stats.g.doubleclick.net www.google-analytics.com
1 create.lidstatic.com quote.free-insurance-quotes-now.com
70 26

This site contains links to these domains. Also see Links.

Domain
www.free-insurance-quotes-now.com
dnc.allwebleads.com
Subject Issuer Validity Valid
quote.insurancequotes.com
Go Daddy Secure Certificate Authority - G2		 2023-05-12 -
2024-06-09		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
mediaalpha.com
Amazon RSA 2048 M01		 2023-06-11 -
2024-07-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2023-02-28 -
2024-02-28		 a year crt.sh
create.leadid.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-10-19		 8 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.fqtag.com
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
deviceid.trueleadid.com
Amazon RSA 2048 M02		 2023-02-24 -
2024-01-06		 10 months crt.sh
*.trustedform.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-10-09		 8 months crt.sh
cdn.trustedform.com
Amazon RSA 2048 M02		 2023-03-15 -
2024-04-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Frame ID: F0EF51DA0D14C09DA715CB93D3BC81AB
Requests: 68 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=606AB30F-6146-2148-11FE-05215D06BA6C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&lac=006F8754-D273-11E0-B07E-12313B06A6B9
Frame ID: E8441C2D80DA24DB5CA18BE712AEC1E0
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=606AB30F-6146-2148-11FE-05215D06BA6C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&lac=006F8754-D273-11E0-B07E-12313B06A6B9
Frame ID: 6516987ED8BF04064A042C8F0C32509F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shop around and compare your instant online quotes! free-insurance-quotes-now.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

70
Requests

96 %
HTTPS

56 %
IPv6

19
Domains

26
Subdomains

26
IPs

3
Countries

886 kB
Transfer

2209 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://api.trustedform.com/trustedform.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
Request Chain 44
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054394761/?random=1376267725&cv=9&fst=1689281965531&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rWWwZMjAIYSJlQfPyoCgAQ&sscte=1&crd=&pscrd=IhMIiMvt28mMgAMVhETlCh1PJQAU HTTP 302
  • https://www.google.com/pagead/1p-user-list/1054394761/?random=1376267725&cv=9&fst=1689278400000&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3380916922&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/1054394761/?random=1376267725&cv=9&fst=1689278400000&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3380916922&resp=GooglemKTybQhCsO&ipr=y
Request Chain 53
  • https://sb.scorecardresearch.com/c2/9544829/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request InstantQuotes
quote.free-insurance-quotes-now.com/Exit/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
32240fcab92a1e5adb30dbe436b5636ab26ced6bba28e2a6b19a841c5c851ecb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
5309
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 20:59:23 GMT
Vary
Accept-Encoding
cssLessLayout.css
d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/ 		108 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/cssLessLayout.css?awlav=11
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bba0b64d10baa3874290271748c923d66f38afead872e99dfd0d7a9da62867c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 11:40:46 GMT
Content-Encoding
gzip
Via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:11:22 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
Age
33518
ETag
W/"059cb8c51b3d91:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
a82_xFb7vlFdf4WvE7KII4nwKlevEeDcc6HGrWeqac8TrqnQZMARyg==
cssLessMain.css
d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/ 		69 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/cssLessMain.css?awlav=11
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c54ebf0cb9a2c2143b01c48b35c7a2a6b49e396cbd3b2e3421fdeb2b21ace72d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:26:30 GMT
Content-Encoding
gzip
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:11:22 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
Age
45173
ETag
W/"059cb8c51b3d91:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
7aE2wfM9lTEQIb6Vt2NEURcCqY3WUsiyxU0mABMOVVWl96Ju_KRyKg==
free-insurance-quotes-now_com.png
d2en6kvan5r1zc.cloudfront.net/Assets/Images/Logos/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Images/Logos/free-insurance-quotes-now_com.png?awlav=11
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
af2018ba618a1e6a3aea1a3e9c4864ab30bdf49f5a384d4d9d25bdebc3c564c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:24 GMT
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:09:28 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
X-Powered-By
ASP.NET
ETag
"054d84851b3d91:0"
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21491
X-Amz-Cf-Id
nYPOku8gmX5k9Qp2TThobWPuB6yDiYi6uJLvxb2D2KI94e79Iv7T9A==
serve.js
insurance.mediaalpha.com/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.mediaalpha.com/js/serve.js
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.108.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-108-241.compute-1.amazonaws.com
Software
Apache /
Resource Hash
141a922b83cc6707d19885ed7aec59ed8331771664e38e57277ed5eb5636650f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:24 GMT
content-encoding
gzip
server
Apache
content-length
5516
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
scriptMain.js
d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/ 		567 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/scriptMain.js?awlav=11
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f562a0680b87f88220a3d4b57d7f40b9bd0e3185a1048070c7a9278e2ae9b374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 09:06:10 GMT
Content-Encoding
gzip
Via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:11:22 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
Age
42794
ETag
W/"059cb8c51b3d91:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
sHipYS20R0tqfXuA2BK3vQ3ofvVVL1RuYRPYukZvjMO4RvhlwnGpJQ==
PageLoadTracking.js
d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/PageLoadTracking.js?awlav=11
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2211e24b6dbc29258e66445e094f6cc56455d502e282b55933650ee9b5e810f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 05:37:56 GMT
Content-Encoding
gzip
Via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:11:22 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
Age
55287
ETag
W/"059cb8c51b3d91:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
ho4qcSgBhBdkWTNDiciMw-hALx19f177xHggiwJ5pAElXMlGmlgKAA==
221.gif
d2en6kvan5r1zc.cloudfront.net/Assets/Images/Loaders/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Images/Loaders/221.gif
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/cssLessMain.css?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
da7a2d6dbe6a8a1bb2e11226604e83966b6fd7b0ce32b6a3b6034d4b3ef396b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/cssLessMain.css?awlav=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 01:27:18 GMT
Via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:09:28 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
Age
70325
ETag
"054d84851b3d91:0"
X-Powered-By
ASP.NET
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20962
X-Amz-Cf-Id
bOB0OP_f0B4SAePGga-zbOkQM4diJbwliIephHrovbWp9h5GVJAoxQ==
lato-regular-webfont.woff2
d2en6kvan5r1zc.cloudfront.net/Assets/Fonts/Lato/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Fonts/Lato/lato-regular-webfont.woff2
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/cssLessLayout.css?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8f22b20df1f378e076f619bc81cf06be34e0d4368cd102f5eb929292e9867d52

Request headers

Referer
https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Styles/Oscar/cssLessLayout.css?awlav=11
Origin
https://quote.free-insurance-quotes-now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 03:34:57 GMT
Via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Age
62667
X-Powered-By
ASP.NET
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
24932
Last-Modified
Mon, 10 Jul 2023 17:09:42 GMT
Server
Microsoft-IIS/8.5
ETag
"08f305151b3d91:0"
Content-Type
application/x-font-woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Amz-Cf-Id
Y8zMzBy7IzgYAs9M8Cm9WcyCLx0s3vhN4Laa2mRlzoUdfcR2t803dA==
serve_.js
insurance.mediaalpha.com/js/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.mediaalpha.com/js/serve_.js?z=BDI~RZyY2jTHkEn_F477rJyKakltjHCHog~J17EHK0L172472128M294119470N{vW~Yusupha+Dukureh~vS~yusduks%40gmail.com~vT~(347)+849-1576~vD~3365+3+rd+Ave~Q10456vE~E1CA5891-5CE4-5888-F6D8-FB8E8A6F0883~~trusted_form_certificate_id~AX0vB24zr0U1Yysi49e12vF12vV10000vU25000c[{vK~Married~T~1987-09-14~ax1WyMjxPt~Other+Not+Listed~k0h16vIynvJ~Active~fzGb~Yusupha+Dukureh~r0s0}]vP[{V2018ZxYd~TRAX~o~KL7CJREB0JB000000~q14n1}]vX[]}zl20~ua_language~~en-US~&d=__max__467383501&_=871793053
Requested by
Host: insurance.mediaalpha.com
URL: https://insurance.mediaalpha.com/js/serve.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.108.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-108-241.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9fde5f3e971fabf8125ffa6332106aae5ea9338a7bd85f75b7d3594f71e93f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
gzip
server
Apache
content-length
16689
vary
Accept-Encoding
content-type
text/javascript
gtm.js
www.googletagmanager.com/ 		449 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e25b84687fd954c6920f57fc2dc4bdf4ec4b8d19efe827c3001769f2c0dc4e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112548
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 20:11:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jul 2023 20:59:25 GMT
4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
136d1d279d2eb5a95d448b7d51c884725812267157d736860a1d368a936d5939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
x-amz-version-id
_jVGywHsz5Oo2rBNulh39agOdmlsjMqd
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 12 Nov 2021 00:44:01 GMT
server
cloudflare
x-amz-request-id
45KCS1S2T7CKBHCX
age
964
etag
W/"2a358d04514c7769753c518ea435fcaa"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
7e647319bd879b5e-FRA
x-amz-id-2
9beNddFQptqTjo9pJ0j3M7oW8BS7H+rFhkoVkhK5co6dwBJuO6tTdk4E5FecTlNBYGgd1CWFnPY=
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Server
2600:9000:223d:2000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:26 GMT
x-amz-version-id
v12liWRnaHEKOr5LEfFzkXabQ9ywQSw8
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 15:07:36 GMT
server
AmazonS3
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"88ddf717f635b54023edd7480431e1d1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
wIL3yMXX_qUtuJQHmfuPdc-6_1yGoa04ugFpSMxgk63sPFm4inrYMA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
date
Thu, 13 Jul 2023 20:59:25 GMT
server
awselb/2.0
content-length
134
content-type
text/html
Create
quote.free-insurance-quotes-now.com/ConsumerPageTracking/ 		4 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quote.free-insurance-quotes-now.com/ConsumerPageTracking/Create?sessionId=rfty4sg20sho5mi1h2tutpsv&userSessionId=1623646870&adminLeadId=&userSessionWebId=737012742&websiteCode=523&eventType=1&pageLoadTime=1369&pageName=%2FExit%2FInstantQuotes&eventDateTime=Thu%2C+13+Jul+2023+20%3A59%3A25+GMT&firstLoad=true
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/scriptMain.js?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:24 GMT
Cache-Control
private
Content-Length
4
Content-Type
application/json; charset=utf-8
GenerateToken
create.leadid.com/2.11.9/ 		36 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=1b61fa88-d430-40c0-9491-41c2d2e5e2eb&_=133547013
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-26-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
67f6c93652efa0141edb21632c553c9f9b994eb7989e25d64085dc0a489658b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 20:06:31 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3174
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 13 Jul 2023 22:06:31 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1054394761/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054394761/?random=1689281965304&cv=11&fst=1689281965304&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&hn=www.googleadservices.com&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&auid=496652377.1689281965&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6b00a332c441147d9c9ddc3243a2c499ec59b9f412e53e69ed64ce9a948785c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1377
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 13 Jul 2023 20:59:24 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AB4131606B0438A8DAFD27861915C1A Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:25Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065765755/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065765755/?random=1689281965308&cv=11&fst=1689281965308&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&hn=www.googleadservices.com&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&auid=496652377.1689281965&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4aa7d6d0c2588e929d7c891a8efd6bd840b83c4cfdfab678450034b5603770c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850097196/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850097196/?random=1689281965309&cv=11&fst=1689281965309&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&hn=www.googleadservices.com&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&auid=496652377.1689281965&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cd21c998003bf60432361f8a7d0eb87bee7dfff3ccca7b8d392f8b805781288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1377
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:59:25 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9544829&ns__t=1689281965300&ns_c=UTF-8&c8=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&c7=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&c9=
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-99.cdg52.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
5w5N0YQNvi9hAU1YFcQ4UFEjUJ2Mbue0EJLhe7cePdiux_nYePBMyA==
x-cache
Miss from cloudfront
LogGoogleAnalyticsClientId
quote.free-insurance-quotes-now.com/ApiSession/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quote.free-insurance-quotes-now.com/ApiSession/LogGoogleAnalyticsClientId?as=rfty4sg20sho5mi1h2tutpsv&clientId=1800042490.1689281965
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/scriptMain.js?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:24 GMT
Cache-Control
private
Content-Length
2
Content-Type
application/json; charset=utf-8
collect
www.google-analytics.com/j/ 		15 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=991007629&t=pageview&_s=1&dl=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&ul=en-us&de=UTF-8&dt=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YHBAgEABAAAAACAAI~&jid=90839332&gjid=2098049800&cid=1800042490.1689281965&tid=UA-10767246-38&_gid=384587997.1689281965&_slc=1&gtm=45He37c0n71KTD8LS&z=1330331819
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
54b904e55878746f1934fa0178ba7c99b8afb24eca5a8eca26a7580942b0c0d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quote.free-insurance-quotes-now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10767246-38&cid=1800042490.1689281965&jid=90839332&gjid=2098049800&_gid=384587997.1689281965&_u=YHBAgEABAAAAAGAAI~&z=119995902
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quote.free-insurance-quotes-now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:300,400,500,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
940a2780647ad473c6d299a32d22b5adea4ac667fd3adcf46cfe8441dbdaeba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 20:35:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 20:59:25 GMT
DRCbnOK3fvjCy5psw27SA_8ERIg.gif
d29u10q7qlh006.cloudfront.net/i/i/1204/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29u10q7qlh006.cloudfront.net/i/i/1204/DRCbnOK3fvjCy5psw27SA_8ERIg.gif
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:8a00:f:7ab9:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49458085d6dfd14142b0d92d744ee405a365a4f7019d1a77b90954973bd65ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:53:36 GMT
via
1.1 f41c2361062c4fc74c645f4e4fddd2de.cloudfront.net (CloudFront)
last-modified
Tue, 17 Mar 2020 21:26:21 GMT
server
AmazonS3
x-amz-cf-pop
CDG3-C2
age
18350
etag
"a77b417277e3c2da85f7286eea795bdc"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35794
x-amz-cf-id
AZN6-zl_vcA7wG6SKEXD4Gb1v5bg0MK2ygEHqcPsgrn1GQZXZp9LYw==
TrackTraffic
www.usinsuranceonline.com/api/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usinsuranceonline.com/api/TrackTraffic?ip=185.213.155.157&uid=78647&tc=1&tid=172472128&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2F
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:25 GMT
Cache-Control
private
Content-Length
0
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-135E1Q1NMJ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc137c727230929952883881a01fad1eae4a49fef995f01e072d9bf19fb4ca34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79522
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jul 2023 20:59:25 GMT
4034822.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4034822.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 13 Jul 2023 20:59:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 473E736DB6C94F53884DD1C9A290CF20 Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:25Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4034822&tm=gtm002&Ver=2&mid=36c520e4-ea4b-4ba8-992c-e4cc4bf30dbd&sid=263cb33021c011eeb206b53e299dc33e&vid=263caa2021c011ee8299573d213e7a4d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&p=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&r=&lt=1377&evt=pageLoad&sv=1&rn=369027
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 84DACA1BA0654AF985E44BE6F73DC71F Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1065765755/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1065765755/?random=1689281965308&cv=11&fst=1689278400000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&is_vtc=1&random=3483952482&rmt_tld=0&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1065765755/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1065765755/?random=1689281965308&cv=11&fst=1689278400000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&is_vtc=1&random=3483952482&rmt_tld=1&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1054394761/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1054394761/?random=1689281965304&cv=11&fst=1689278400000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&is_vtc=1&random=992543377&rmt_tld=0&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1054394761/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1054394761/?random=1689281965304&cv=11&fst=1689278400000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&is_vtc=1&random=992543377&rmt_tld=1&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-135E1Q1NMJ&gtm=45je37c0&_p=991007629&ul=en-us&sr=1600x1200&cid=1800042490.1689281965&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&dt=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&sid=1689281965&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-135E1Q1NMJ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quote.free-insurance-quotes-now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame E844 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=606AB30F-6146-2148-11FE-05215D06BA6C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&lac=006F8754-D273-11E0-B07E-12313B06A6B9
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-195.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
62293
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 13 Jul 2023 03:41:12 GMT
ETag
W/"6487351c-dbb"
Last-Modified
Mon, 12 Jun 2023 15:09:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
X-Amz-Cf-Id
yq4nVAsWGFIPXA4m6Xi_yDbnUxUQ37AJiT0go1RQD9wOX4xdQdGMjw==
X-Amz-Cf-Pop
MUC50-P4
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=1b61fa88-d430-40c0-9491-41c2d2e5e2eb&token=606AB30F-6146-2148-11FE-05215D06BA6C&_=133547014
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-26-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 20:59:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
LogLeadiDToken
quote.free-insurance-quotes-now.com/ApiSession/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quote.free-insurance-quotes-now.com/ApiSession/LogLeadiDToken?as=rfty4sg20sho5mi1h2tutpsv&leadiDToken=606AB30F-6146-2148-11FE-05215D06BA6C
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/scriptMain.js?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:24 GMT
Cache-Control
private
Content-Length
2
Content-Type
application/json; charset=utf-8
/
www.googleadservices.com/pagead/conversion/1054394761/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1054394761/?random=1689281965531&cv=9&fst=1689281965531&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8a25208dfe29cae6a792b9d57bddab43cdf747440d7fa760dae0ed238dc127c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1522
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
implement-r.js
c.fqtag.com/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.fqtag.com/js/implement-r.js?org=45pjiyqdhroitldmwbyw&s=rfty4sg20sho5mi1h2tutpsv&p=1_99999&a=&cmp=&rd=Referrer&stId=294178453&rt=action&sl=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTD8LS&l=awlDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6a4d1efc021b78c0e730bebe82d95a417db82583e78846d1dd6f3e562e009165
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2828
x-xss-protection
0
expires
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://quote.free-insurance-quotes-now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 05:45:28 GMT
x-content-type-options
nosniff
age
486837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 05:45:28 GMT
/
www.google.com/pagead/1p-user-list/850097196/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/850097196/?random=1689281965309&cv=11&fst=1689278400000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&is_vtc=1&random=1978135680&rmt_tld=0&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/850097196/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/850097196/?random=1689281965309&cv=11&fst=1689278400000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&frm=0&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&is_vtc=1&random=1978135680&rmt_tld=1&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 6516 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=606AB30F-6146-2148-11FE-05215D06BA6C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&lac=006F8754-D273-11E0-B07E-12313B06A6B9
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=606AB30F-6146-2148-11FE-05215D06BA6C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&lac=006F8754-D273-11E0-B07E-12313B06A6B9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.173.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-173-36.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Thu, 13 Jul 2023 20:59:25 GMT
etag
W/"649348e0-1049"
expires
Fri, 14 Jul 2023 20:59:25 GMT
last-modified
Wed, 21 Jun 2023 19:00:48 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
/
www.google.de/pagead/1p-user-list/1054394761/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054394761/?random=1376267725&cv=9&fst=1689281965531&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTy...
  • https://www.google.com/pagead/1p-user-list/1054394761/?random=1376267725&cv=9&fst=1689278400000&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465926%2C512247838...
  • https://www.google.de/pagead/1p-user-list/1054394761/?random=1376267725&cv=9&fst=1689278400000&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465926%2C512247838&...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1054394761/?random=1376267725&cv=9&fst=1689278400000&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3380916922&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 20:59:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-user-list/1054394761/?random=1376267725&cv=9&fst=1689278400000&num=1&value=0&label=vcpnCOeDtAIQiZPj9gM&bg=ffffff&hl=en&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&tiba=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3380916922&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: c.fqtag.com
URL: https://c.fqtag.com/js/implement-r.js?org=45pjiyqdhroitldmwbyw&s=rfty4sg20sho5mi1h2tutpsv&p=1_99999&a=&cmp=&rd=Referrer&stId=294178453&rt=action&sl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:48:17 GMT
age
668
x-guploader-uploadid
ADPycdu0OI8OfN7NZbOOckj_3wVjvdDnpdMnNpnA6w_UP-j7ZLI8pj87o3lvLS7WOkPLvHjQH9nXmw_WiyHL73tq31T5uvptkwsK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-generation
1611776924905378
content-language
en
content-type
application/javascript
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
expires
Thu, 13 Jul 2023 21:48:17 GMT
0
bat.bing.com/action/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4017641&Ver=2
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F53CE78F21314A459A34E9AE50E3067C Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
4017641.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4017641.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 13 Jul 2023 20:59:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 98DD1BE866EC4FE99868782252DB1E62 Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:25Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4017641&Ver=2&mid=d7144c40-6721-4632-9c56-726307c38453&sid=263cb33021c011eeb206b53e299dc33e&vid=263caa2021c011ee8299573d213e7a4d&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&p=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&r=&lt=1377&evt=pageLoad&sv=1&rn=754281
Requested by
Host: quote.free-insurance-quotes-now.com
URL: https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A2002800BB6F4A4B81BA24CD3D92670A Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
c.fqtag.com/ 		0
10 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.fqtag.com/pixel
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:59:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 6516 		0
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=006F8754-D273-11E0-B07E-12313B06A6B9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&methods=48&token=606AB30F-6146-2148-11FE-05215D06BA6C&uuid=d7e2ebbc26f4477f8304825ab6faab51
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=606AB30F-6146-2148-11FE-05215D06BA6C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4E5FF908-36E4-43DE-A0EB-5BD50AD2A685&lac=006F8754-D273-11E0-B07E-12313B06A6B9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-26-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Create
quote.free-insurance-quotes-now.com/ConsumerPageTracking/ 		4 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quote.free-insurance-quotes-now.com/ConsumerPageTracking/Create?sessionId=rfty4sg20sho5mi1h2tutpsv&userSessionId=1623646870&adminLeadId=&userSessionWebId=737012742&websiteCode=523&eventType=2&pageLoadTime=2650&pageName=%2FExit%2FInstantQuotes&eventDateTime=Thu%2C+13+Jul+2023+20%3A59%3A26+GMT&firstLoad=false
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/scriptMain.js?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:25 GMT
Cache-Control
private
Content-Length
4
Content-Type
application/json; charset=utf-8
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-106.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a82e9204e39a0d579fd239f44ab347596bd91d4bacb5725b4e396747163c943a

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jul 2023 20:59:26 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/9544829/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
52.222.169.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-99.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:41:39 GMT
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
73079
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
qjdHA0Wt0CB_CyoBQ07O1im8d3Hd7bp4Bc41IfUB3lNRFJvFwGzFjg==

Redirect headers

date
Thu, 13 Jul 2023 20:59:26 GMT
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG52-P2
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
GMpg-VgPTMPOdVw3P4i6MIHsfFLI5RbT7YdFqrFT5MPEvxxEchM1hA==
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=3&pid=1b61fa88-d430-40c0-9491-41c2d2e5e2eb&token=606AB30F-6146-2148-11FE-05215D06BA6C&_=133547015
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-26-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 20:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=4&pid=1b61fa88-d430-40c0-9491-41c2d2e5e2eb&token=606AB30F-6146-2148-11FE-05215D06BA6C&_=133547016
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-26-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 20:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
trustedform-1.8.39.js
cdn.trustedform.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.39.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=true&field=TrustedFormTokenUrl&l=16892819650370.556206587265941&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Thu, 13 Jul 2023 20:59:13 GMT
last-modified
Fri, 12 May 2023 16:55:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
14
etag
W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
rJXsgZ6Fjp7q-H9_gGYF3l3xFuMFEREA9uoLqP15AIVcmwo3Rasdvg==
snapshot
api.trustedform.com/certs/5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-106.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:59:26 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
free-insurance-quotes-now_com.png
d2en6kvan5r1zc.cloudfront.net/Assets/Images/Logos/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2en6kvan5r1zc.cloudfront.net/Assets/Images/Logos/free-insurance-quotes-now_com.png?awlav=11
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-203.fra2.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
af2018ba618a1e6a3aea1a3e9c4864ab30bdf49f5a384d4d9d25bdebc3c564c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:24 GMT
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Jul 2023 17:09:28 GMT
Server
Microsoft-IIS/8.5
X-Amz-Cf-Pop
FRA2-C2
Age
1
X-Powered-By
ASP.NET
ETag
"054d84851b3d91:0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21491
X-Amz-Cf-Id
sVbQWIT7WNF0k-ZNL3J7JV0kky7VSZjVPTpnLh3R4fOtzWj6JFMGjA==
DRCbnOK3fvjCy5psw27SA_8ERIg.gif
d29u10q7qlh006.cloudfront.net/i/i/1204/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29u10q7qlh006.cloudfront.net/i/i/1204/DRCbnOK3fvjCy5psw27SA_8ERIg.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:8a00:f:7ab9:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49458085d6dfd14142b0d92d744ee405a365a4f7019d1a77b90954973bd65ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:53:36 GMT
via
1.1 f41c2361062c4fc74c645f4e4fddd2de.cloudfront.net (CloudFront)
last-modified
Tue, 17 Mar 2020 21:26:21 GMT
server
AmazonS3
x-amz-cf-pop
CDG3-C2
age
18351
etag
"a77b417277e3c2da85f7286eea795bdc"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35794
x-amz-cf-id
FvEUQw6oQ6n13zg9I0ODyFu7kErqRQFAadzwodt-RbJTWXSupbQTig==
fingerprints
api.trustedform.com/certs/5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-106.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:59:26 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
TrackTraffic
www.usinsuranceonline.com/api/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usinsuranceonline.com/api/TrackTraffic?ip=185.213.155.157&uid=78647&tc=1&tid=172472128&url=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:26 GMT
Cache-Control
private
Content-Length
0
0
bat.bing.com/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4017641&Ver=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1CF65202004460DA41193602AF1A23E Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4034822&tm=gtm002&Ver=2&mid=36c520e4-ea4b-4ba8-992c-e4cc4bf30dbd&sid=263cb33021c011eeb206b53e299dc33e&vid=263caa2021c011ee8299573d213e7a4d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&p=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&r=&lt=1377&evt=pageLoad&sv=1&rn=369027
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 835E99745C54458FAE44FAEEEE352230 Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4017641&Ver=2&mid=d7144c40-6721-4632-9c56-726307c38453&sid=263cb33021c011eeb206b53e299dc33e&vid=263caa2021c011ee8299573d213e7a4d&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shop%20around%20and%20compare%20your%20instant%20online%20quotes!%20free-insurance-quotes-now.com&p=https%3A%2F%2Fquote.free-insurance-quotes-now.com%2FExit%2FInstantQuotes%3Fqid%3DcWlkKzI5NDE3ODQ1Mw%3D%3D&r=&lt=1377&evt=pageLoad&sv=1&rn=754281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quote.free-insurance-quotes-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 20:59:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CEAB25991616411299E90DCCBFE0592E Ref B: FRAEDGE1216 Ref C: 2023-07-13T20:59:26Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
LogTrustedFormToken
quote.free-insurance-quotes-now.com/ApiSession/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quote.free-insurance-quotes-now.com/ApiSession/LogTrustedFormToken?as=rfty4sg20sho5mi1h2tutpsv&trustedFormToken=5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5
Requested by
Host: d2en6kvan5r1zc.cloudfront.net
URL: https://d2en6kvan5r1zc.cloudfront.net/Assets/Bundle/Webpack/Scripts/Oscar/scriptMain.js?awlav=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.109.216.75 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
allwebleads.com
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://quote.free-insurance-quotes-now.com/Exit/InstantQuotes?qid=cWlkKzI5NDE3ODQ1Mw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 20:59:25 GMT
Cache-Control
private
Content-Length
2
Content-Type
application/json; charset=utf-8
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/javascript
p
aux.fqtag.com/aux/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/p
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:59:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=5&pid=1b61fa88-d430-40c0-9491-41c2d2e5e2eb&token=606AB30F-6146-2148-11FE-05215D06BA6C&_=133547017
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e5ff908-36e4-43de-a0eb-5bd50ad2a685.js?snippet_version=2&callback=initLeadiDTokenCapture
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-26-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 20:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/5622a581b2f9e9ea6a2f6b6938c0b3422ac257d5/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-70-106.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quote.free-insurance-quotes-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 20:59:27 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| awl object| d object| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__lead function| MediaAlphaExchange__loadIVRPool function| MediaAlphaExchange__loadNumPool function| MediaAlphaExchange__load string| targetID string| targetElt object| log4javascript function| Logger function| PixelManager function| DobTriplizer function| DropdownUpdater function| initMediaAlphaLeadCertificateIdCapture function| trustedFormCertIdCallback function| RecaptureReCaptcha function| CaptureGoogleReCaptchaScore function| initLeadiDTokenCapture function| $ function| jQuery object| jQuery182013019723159853513 boolean| firstLoad function| IsValidPageLoadTracking function| GetPageLoadTrackingData function| CreatePageLoadTracking function| IsFirstLoad function| getCookie object| awlDataLayer function| ga object| LeadiDconfig object| LeadiD object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject object| GooglebQhCsO object| google_conversion_id object| google_conversion_language object| google_conversion_format object| google_conversion_color object| google_conversion_label object| google_conversion_value object| gaplugins object| gaGlobal object| gaData object| dataLayer function| UET function| UET_init function| UET_push object| ueto_d8e0f5116f object| uetq function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_currency object| google_conversion_domain object| google_disable_viewthrough object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| ueto_178d3b6a44 function| fqPixel object| regeneratorRuntime

17 Cookies

Domain/Path Name / Value
.free-insurance-quotes-now.com/Exit Name: FirstLoad
Value: rfty4sg20sho5mi1h2tutpsv
.free-insurance-quotes-now.com/ Name: QX_ASP.Net_SessionId
Value: rfty4sg20sho5mi1h2tutpsv
quote.free-insurance-quotes-now.com/ Name: QX_ASP.Net_SessionId
Value: rfty4sg20sho5mi1h2tutpsv
.free-insurance-quotes-now.com/ Name: QX_ASP.Net_SourcingInfo
Value: SessionId=rfty4sg20sho5mi1h2tutpsv&UserSessionId=1623646870&refId=&adv=
quote.free-insurance-quotes-now.com/ Name: TS01db90b3
Value: 01e2c94890e87c752e91bdc33f7ee31ed6c1892ecc1cfccf8200480410571246ef0e673d2158368549321a4d610da9261c7078c62ad3f151f2505a5f88381ca32023111dee
.free-insurance-quotes-now.com/ Name: TS012e2c4e
Value: 01e2c94890faab1e995dfd33237a4ec9fb0610a0f41cfccf8200480410571246ef0e673d2158368549321a4d610da9261c7078c62aa7f0fda52c568c16480023f4d332981fdb9b53b170165e42551289c2e9486a89
.free-insurance-quotes-now.com/ Name: _gcl_au
Value: 1.1.496652377.1689281965
.free-insurance-quotes-now.com/ Name: _ga
Value: GA1.2.1800042490.1689281965
.free-insurance-quotes-now.com/ Name: _gid
Value: GA1.2.384587997.1689281965
.free-insurance-quotes-now.com/ Name: _dc_gtm_UA-10767246-38
Value: 1
.bing.com/ Name: MUID
Value: 29FD909142BA64F9320083DC43686515
.free-insurance-quotes-now.com/ Name: _ga_135E1Q1NMJ
Value: GS1.2.1689281965.1.0.1689281965.0.0.0
quote.free-insurance-quotes-now.com/ Name: leadid_token-006F8754-D273-11E0-B07E-12313B06A6B9-4E5FF908-36E4-43DE-A0EB-5BD50AD2A685
Value: 606AB30F-6146-2148-11FE-05215D06BA6C
.free-insurance-quotes-now.com/ Name: _uetsid
Value: 263cb33021c011eeb206b53e299dc33e
.free-insurance-quotes-now.com/ Name: _uetvid
Value: 263caa2021c011ee8299573d213e7a4d
.doubleclick.net/ Name: IDE
Value: AHWqTUmJIOJdIZcL0NIDMf5ldJOyDlwvhqiJ8Po9HYqdEz32muUqgm0V8ZmIwNFg
.deviceid.trueleadid.com/ Name: uuid
Value: d7e2ebbc26f4477f8304825ab6faab51

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
aux.fqtag.com
bat.bing.com
c.fqtag.com
cdn.fqtag.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d29u10q7qlh006.cloudfront.net
d2en6kvan5r1zc.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance.mediaalpha.com
quote.free-insurance-quotes-now.com
region1.google-analytics.com
sb.scorecardresearch.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.usinsuranceonline.com
13.225.84.203
142.250.181.226
18.173.184.195
18.204.26.203
2001:4860:4802:32::178
2001:4860:4802:32::36
216.109.216.75
2600:1901:0:298e::
2600:9000:219c:8a00:f:7ab9:d180:93a1
2600:9000:223d:2000:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c1b::9a
3.211.108.241
3.220.70.106
35.190.36.172
35.190.72.161
52.222.169.99
54.242.173.36
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
136d1d279d2eb5a95d448b7d51c884725812267157d736860a1d368a936d5939
141a922b83cc6707d19885ed7aec59ed8331771664e38e57277ed5eb5636650f
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
1e25b84687fd954c6920f57fc2dc4bdf4ec4b8d19efe827c3001769f2c0dc4e7
2cd21c998003bf60432361f8a7d0eb87bee7dfff3ccca7b8d392f8b805781288
32240fcab92a1e5adb30dbe436b5636ab26ced6bba28e2a6b19a841c5c851ecb
49458085d6dfd14142b0d92d744ee405a365a4f7019d1a77b90954973bd65ee9
4aa7d6d0c2588e929d7c891a8efd6bd840b83c4cfdfab678450034b5603770c0
54b904e55878746f1934fa0178ba7c99b8afb24eca5a8eca26a7580942b0c0d7
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
67f6c93652efa0141edb21632c553c9f9b994eb7989e25d64085dc0a489658b3
6a4d1efc021b78c0e730bebe82d95a417db82583e78846d1dd6f3e562e009165
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8a25208dfe29cae6a792b9d57bddab43cdf747440d7fa760dae0ed238dc127c4
8f22b20df1f378e076f619bc81cf06be34e0d4368cd102f5eb929292e9867d52
940a2780647ad473c6d299a32d22b5adea4ac667fd3adcf46cfe8441dbdaeba7
9fde5f3e971fabf8125ffa6332106aae5ea9338a7bd85f75b7d3594f71e93f37
a82e9204e39a0d579fd239f44ab347596bd91d4bacb5725b4e396747163c943a
af2018ba618a1e6a3aea1a3e9c4864ab30bdf49f5a384d4d9d25bdebc3c564c5
b2211e24b6dbc29258e66445e094f6cc56455d502e282b55933650ee9b5e810f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6b00a332c441147d9c9ddc3243a2c499ec59b9f412e53e69ed64ce9a948785c
bba0b64d10baa3874290271748c923d66f38afead872e99dfd0d7a9da62867c3
c54ebf0cb9a2c2143b01c48b35c7a2a6b49e396cbd3b2e3421fdeb2b21ace72d
d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd
da7a2d6dbe6a8a1bb2e11226604e83966b6fd7b0ce32b6a3b6034d4b3ef396b6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f562a0680b87f88220a3d4b57d7f40b9bd0e3185a1048070c7a9278e2ae9b374
fc137c727230929952883881a01fad1eae4a49fef995f01e072d9bf19fb4ca34
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14