urlscan.io logo urlscan.io
SecurityTrails logo

mva.afteraccidenthelp.com Open in urlscan Pro
2a06:98c1:58::60  Public Scan

Go To Rescan Add Verdict Report
URL: https://mva.afteraccidenthelp.com/
Submission: On May 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:58::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is mva.afteraccidenthelp.com.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2024. Valid for: 3 months.
This is the only time mva.afteraccidenthelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a06:98c1:58::60 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:c98:2030... 28753 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 52.206.159.24 14618 (AMAZON-AES)
2 2600:9000:26d... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 18.211.90.172 14618 (AMAZON-AES)
1 18.173.184.156 16509 (AMAZON-02)
29 12
8    2a06:98c1:58::60 (United States)

ASN13335 (CLOUDFLARENET, US)
mva.afteraccidenthelp.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:c98:2030:a025:9:: (Neumünster, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
law.afteraccidenthelp.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    52.206.159.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-159-24.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:26db:9200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
1    2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
4    18.211.90.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-90-172.compute-1.amazonaws.com
create.leadid.com
1    18.173.184.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-184-156.muc50.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
Apex Domain
Subdomains		 Transfer
11 afteraccidenthelp.com
mva.afteraccidenthelp.com
law.afteraccidenthelp.com
189 KB
7 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 26233
cdn.trustedform.com — Cisco Umbrella Rank: 31049
43 KB
4 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13668
2 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
fonts.googleapis.com — Cisco Umbrella Rank: 33
32 KB
2 gstatic.com
fonts.gstatic.com
56 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 20871
38 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
81 KB
29 8
Domain Requested by
8 mva.afteraccidenthelp.com mva.afteraccidenthelp.com
5 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 create.leadid.com create.lidstatic.com
3 law.afteraccidenthelp.com mva.afteraccidenthelp.com
law.afteraccidenthelp.com
2 cdn.trustedform.com mva.afteraccidenthelp.com
api.trustedform.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com mva.afteraccidenthelp.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 create.lidstatic.com mva.afteraccidenthelp.com
1 www.googletagmanager.com mva.afteraccidenthelp.com
1 ajax.googleapis.com mva.afteraccidenthelp.com
29 11

This site contains no links.

Subject Issuer Validity Valid
mva.afteraccidenthelp.com
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
law.afteraccidenthelp.com
ZeroSSL RSA Domain Secure Site CA		 2024-05-18 -
2024-08-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
lidstatic.com
E1		 2024-03-27 -
2024-06-25		 3 months crt.sh
create.leadid.com
Amazon RSA 2048 M02		 2023-08-21 -
2024-09-17		 a year crt.sh
*.trustedform.com
Amazon RSA 2048 M03		 2023-08-11 -
2024-09-07		 a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03		 2024-02-13 -
2025-03-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://mva.afteraccidenthelp.com/
Frame ID: B170F5F531AE36BE2C5BB209E2EC385B
Requests: 29 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C913EA4A-F0B7-237B-4E17-B8AF402E37ED&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=C70F2000-299A-2849-1BC4-3C8C56B003B4&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
Frame ID: 907E32D56417DFB091EEA5B14531F6FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MVA

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

73 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

452 kB
Transfer

1015 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mva.afteraccidenthelp.com/ 		23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e39b0ef70aadf45bcceb6a7ff1b0c40a0d0b23bc1338c1b034fa8661a896065

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public,max-age=10,s-maxage=86400
cf-cache-status
MISS
cf-ray
8890a2ec9e141a49-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 24 May 2024 22:14:03 GMT
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-request-id
tx0000026d6868700daa328-006651112b-fb2dae5-nyc3d
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type
Normal
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:55:00 GMT
output.css
mva.afteraccidenthelp.com/src/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mva.afteraccidenthelp.com/src/output.css
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
646c84afee9c323d107492765fdf09191f2ecef5dee82064f60a9ed6a05b75f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx000007ac973ed148f8fb2-006651112b-fb2daf4-nyc3d
x-do-orig-status
200
etag
W/"2cb8ff4ba698101ddf39e7f1fa704dcc"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
cf-ray
8890a2ef79121a49-FRA
js
www.googletagmanager.com/gtag/ 		221 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16565228514
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7e9ebe1dc959463732f9ce5af643963e321c8aa93d27e5cace68c3d987dc213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82018
x-xss-protection
0
last-modified
Fri, 24 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 May 2024 22:14:03 GMT
track.js
law.afteraccidenthelp.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://law.afteraccidenthelp.com/track.js?rtkcmpid=66483f741c10c00001a405b0
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:c98:2030:a025:9:: Neumünster, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
9491ba9265f76d4b1eb48bd6f3a4852856689c142f323d5afc27845a57b4384e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:14:03 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
logo.png
mva.afteraccidenthelp.com/src/imgs/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mva.afteraccidenthelp.com/src/imgs/logo.png
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2e4059e50db153209bd1174de2a02488698c10b128045ee8bf8185f83e3886

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:03 GMT
cf-cache-status
MISS
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx00000fe9c2ac1830937bb-006651112b-fb2daf4-nyc3d
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
content-length
155024
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
etag
"ecf403d7debdf237b8bc5cd61879f68e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
accept-ranges
bytes
cf-ray
8890a2ef79141a49-FRA
icon.webp
mva.afteraccidenthelp.com/src/imgs/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mva.afteraccidenthelp.com/src/imgs/icon.webp
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a8977be70f4c62431e76b12e15d2706456e7b4db47fbcb371255c073eb407d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:03 GMT
cf-cache-status
MISS
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx00000bc0140337c39b76b-006651112b-fb2dae5-nyc3d
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
content-length
16792
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
etag
"0d89c2468299846a26a11bb851f27bb0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/webp
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
accept-ranges
bytes
cf-ray
8890a2ef79161a49-FRA
script.js
mva.afteraccidenthelp.com/src/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mva.afteraccidenthelp.com/src/script.js
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56509e6a937f4b55bab624a483c5a323fa784af733b7cf54cf77d4e9cc95f5d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx00000d4618233c9d3a95e-006651112c-fb2dae5-nyc3d
x-do-orig-status
200
etag
W/"16fba45684b33f16d713d08b388943d2"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/javascript; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
cf-ray
8890a2f24bdb1a49-FRA
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/src/output.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ed40b4be7a49bbc6382f2b7439e6af9eb3a57b5575576d7c39f7085fbf2e3b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 22:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 21:38:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 22:14:03 GMT
css2
fonts.googleapis.com/ 		11 KB
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/src/output.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e7eebc4d5c6455e430263b6dd125bafb38e3ade2edc85c166bbb1ebe663c285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 22:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 22:14:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 22:14:03 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://mva.afteraccidenthelp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 06:41:12 GMT
x-content-type-options
nosniff
age
315171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 06:41:12 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://mva.afteraccidenthelp.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:47:05 GMT
x-content-type-options
nosniff
age
156418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:47:05 GMT
66483f741c10c00001a405b0
law.afteraccidenthelp.com/ 		80 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://law.afteraccidenthelp.com/66483f741c10c00001a405b0?format=json&&sub19=&sub20=
Requested by
Host: law.afteraccidenthelp.com
URL: https://law.afteraccidenthelp.com/track.js?rtkcmpid=66483f741c10c00001a405b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:c98:2030:a025:9:: Neumünster, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
5b42fa54ffe234827e81ea820bbd65a41fc94be385439c6eb42512fc8987993a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:14:04 GMT
Server
nginx/1.20.2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
80
view
law.afteraccidenthelp.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://law.afteraccidenthelp.com/view?clickid=6651112c32a7460001eac884
Requested by
Host: law.afteraccidenthelp.com
URL: https://law.afteraccidenthelp.com/track.js?rtkcmpid=66483f741c10c00001a405b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:c98:2030:a025:9:: Neumünster, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 May 2024 22:14:04 GMT
Server
nginx/1.20.2
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164
  • https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Server
2600:9000:26db:9200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c41763922de088a739d13373593d2bc7569bb525e40fc762ef7d7518af231d6c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://mva.afteraccidenthelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
x-amz-version-id
1D.FF77dd61qyGtl5RG.iFxte1pw_rUE
content-encoding
gzip
last-modified
Fri, 10 May 2024 19:43:29 GMT
server
AmazonS3
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"0f54ed54362c72f248b148a0f774d6c1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
UEFA4xMAwNTr138HviKCRZx0CQFZRIjsPh2Bcqwl-GosCFEqicXqZg==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164
date
Fri, 24 May 2024 22:14:04 GMT
server
awselb/2.0
content-length
134
content-type
text/html
c70f2000-299a-2849-1bc4-3c8c56b003b4.js
create.lidstatic.com/campaign/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/c70f2000-299a-2849-1bc4-3c8c56b003b4.js?snippet_version=2
Requested by
Host: mva.afteraccidenthelp.com
URL: https://mva.afteraccidenthelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f18cbeb8c52ce481b77eb12c4c7bfc0637c4fae5a6cec28c2df9ec48598e1b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:04 GMT
x-amz-version-id
486hemG7JA4dHL9sHdzeaSqTyTohR3NT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
08Z3Y80H9Q8ZA0GA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
dhrGkq4HomEv3oG1DRKwhAYjELhFvhrgRippyKP5za0/UK7jawwSpZQYaNLogK/fczGuTn1qrrA=
last-modified
Thu, 18 Jan 2024 02:22:11 GMT
server
cloudflare
etag
W/"8ee54b57900ce2ed37bbf49a7a4838b0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
8890a2f4dde69732-FRA
GenerateToken
create.leadid.com/2.12.1/ 		36 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=db9c55c3-af85-45f3-a185-08e10af11397&_=906748029
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c70f2000-299a-2849-1bc4-3c8c56b003b4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.211.90.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-90-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f22b0aca6877d04a0cb90ae75fc34bb135f7d53f40b839ea1a0f9ebed7d25ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.206.159.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-159-24.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
7b987f040f531227e989855a704cfdf5b7a7d593707dc4fc36063084b2d37760

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
favicon.ico
mva.afteraccidenthelp.com/ 		1019 B
494 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mva.afteraccidenthelp.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb791d699b77ee1137f7e66d436db917084785237adcf4d02408f329615092e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx000007dbd19e49ceb746a-006651112d-fb2dae5-nyc3d
x-do-orig-status
404
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/html; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
cf-ray
8890a2f88a8a1a49-FRA
trustedform-1.9.15.js
cdn.trustedform.com/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.9.15.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17165888442200.40947289278126164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:9200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c16612b76acbad337a38019fa67cb4733227a5acf681d92471d5bbe0bae121a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
trC3BDaL_J_G4BXqreWlhhQIwhMePOn1
content-encoding
gzip
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
date
Fri, 24 May 2024 22:14:05 GMT
last-modified
Fri, 10 May 2024 19:43:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
16
etag
W/"d5f4304dea6121d44398da810b5a4106"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DI6vaUmpWIz8GaJIQwPCRcNO_Rzc9p-U1WUzC78T-di7Bl1p3HGY1Q==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 907E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C913EA4A-F0B7-237B-4E17-B8AF402E37ED&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=C70F2000-299A-2849-1BC4-3C8C56B003B4&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c70f2000-299a-2849-1bc4-3c8c56b003b4.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-156.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://mva.afteraccidenthelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
85076
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 23 May 2024 22:36:20 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
X-Amz-Cf-Id
cuLp-JvxX3qOle26QkZA1qQjUN8I_rqb7gyQm7aEhvaCQBRYP79GVw==
X-Amz-Cf-Pop
MUC50-P4
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=db9c55c3-af85-45f3-a185-08e10af11397&token=C913EA4A-F0B7-237B-4E17-B8AF402E37ED&_=906748030
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c70f2000-299a-2849-1bc4-3c8c56b003b4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.211.90.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-90-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=db9c55c3-af85-45f3-a185-08e10af11397&token=C913EA4A-F0B7-237B-4E17-B8AF402E37ED&_=906748031
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c70f2000-299a-2849-1bc4-3c8c56b003b4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.211.90.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-90-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
snapshot
api.trustedform.com/certs/1b357ec3f750dbb4cc5bb4adceddc2e4f2582a0a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1b357ec3f750dbb4cc5bb4adceddc2e4f2582a0a/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.206.159.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-159-24.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 24 May 2024 22:14:05 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
fingerprints
api.trustedform.com/certs/1b357ec3f750dbb4cc5bb4adceddc2e4f2582a0a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1b357ec3f750dbb4cc5bb4adceddc2e4f2582a0a/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.206.159.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-159-24.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 24 May 2024 22:14:05 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
logo.png
mva.afteraccidenthelp.com/src/imgs/ 		151 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mva.afteraccidenthelp.com/src/imgs/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2e4059e50db153209bd1174de2a02488698c10b128045ee8bf8185f83e3886

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:03 GMT
cf-cache-status
MISS
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx00000fe9c2ac1830937bb-006651112b-fb2daf4-nyc3d
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
content-length
155024
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
etag
"ecf403d7debdf237b8bc5cd61879f68e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
accept-ranges
bytes
cf-ray
8890a2ef79141a49-FRA
icon.webp
mva.afteraccidenthelp.com/src/imgs/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mva.afteraccidenthelp.com/src/imgs/icon.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a8977be70f4c62431e76b12e15d2706456e7b4db47fbcb371255c073eb407d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:14:03 GMT
cf-cache-status
MISS
x-do-app-origin
e828d0d9-df23-4067-b96c-eaac3121c1e2
x-amz-request-id
tx00000bc0140337c39b76b-006651112b-fb2dae5-nyc3d
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
content-length
16792
last-modified
Fri, 24 May 2024 21:24:14 GMT
server
cloudflare
etag
"0d89c2468299846a26a11bb851f27bb0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/webp
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
accept-ranges
bytes
cf-ray
8890a2ef79161a49-FRA
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
Snap
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=db9c55c3-af85-45f3-a185-08e10af11397&token=C913EA4A-F0B7-237B-4E17-B8AF402E37ED&_=906748032
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c70f2000-299a-2849-1bc4-3c8c56b003b4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.211.90.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-90-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 May 2024 22:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1b357ec3f750dbb4cc5bb4adceddc2e4f2582a0a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1b357ec3f750dbb4cc5bb4adceddc2e4f2582a0a/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.206.159.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-159-24.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://mva.afteraccidenthelp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 24 May 2024 22:14:06 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| gtag object| dataLayer function| getCookie string| campaignID number| cachebuster string| rtkClickID string| rtkfbp string| rtkfbc string| locSearch object| urlParams string| pixelParams string| initialSrc function| stripTrailingSlash object| rawData function| fixHrefWithClick function| setCookie object| redtrackClickId object| xhr object| google_tag_manager object| google_tag_data object| xhrr number| currentTab number| progress function| showTab function| nextPrev function| spinerToMobile function| spinerToDesk function| moveToNextInput function| correctDate function| validateDate function| validateForm function| thankYouMessage function| fixStepIndicator object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame object| regeneratorRuntime function| trustedFormNext

8 Cookies

Domain/Path Name / Value
.mva.afteraccidenthelp.com/ Name: __cf_bm
Value: uXeROl.qKksXCQmwfqFNU2RzXNiaU79Ud389KAwqyMY-1716588843-1.0.1.1-Olz92mQv140164KL86KEtLKp13kSenYB_OBJXKCfA9e2FoFo_cr35uO_K3oUCj_xeWDHz70b9dBOlc4IKu3Cpg
.afteraccidenthelp.com/ Name: _gcl_au
Value: 1.1.608217043.1716588844
mva.afteraccidenthelp.com/ Name: rtkclickid-store
Value: 6651112c32a7460001eac884
mva.afteraccidenthelp.com/ Name: leadid_token-F252983F-4BD1-0DD8-CD81-F4700AF60B66-C70F2000-299A-2849-1BC4-3C8C56B003B4
Value: C913EA4A-F0B7-237B-4E17-B8AF402E37ED
.trueleadid.com/ Name: nlbi_3051494
Value: dAQQaGYP9lvQmlH4C30iGwAAAACWV6EH1qJ9JXIgf5t/bIVi
.trueleadid.com/ Name: visid_incap_3051494
Value: W9X6qoncQVeF0JKlyB3GxCwRUWYAAAAAQUIPAAAAAADsoI8GXc5tksypOiFXYrp4
.trueleadid.com/ Name: incap_ses_8219_3051494
Value: yiIoAaHC+H09Kr6ABMEPciwRUWYAAAAAO4Arma4Fu+3sYeuOYLHeKQ==
.deviceid.trueleadid.com/ Name: uuid
Value: 30b7eac3487f4482a9288d423cb5c05a

15 Console Messages

Source Level URL
Text
network error URL: https://mva.afteraccidenthelp.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mva.afteraccidenthelp.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
law.afteraccidenthelp.com
mva.afteraccidenthelp.com
www.googletagmanager.com
18.173.184.156
18.211.90.172
2600:9000:26db:9200:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2a00:1450:4001:809::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:829::200a
2a00:1450:4001:830::2003
2a00:c98:2030:a025:9::
2a06:98c1:58::60
52.206.159.24
1a2e4059e50db153209bd1174de2a02488698c10b128045ee8bf8185f83e3886
42a8977be70f4c62431e76b12e15d2706456e7b4db47fbcb371255c073eb407d
5b42fa54ffe234827e81ea820bbd65a41fc94be385439c6eb42512fc8987993a
5c16612b76acbad337a38019fa67cb4733227a5acf681d92471d5bbe0bae121a
646c84afee9c323d107492765fdf09191f2ecef5dee82064f60a9ed6a05b75f8
6e39b0ef70aadf45bcceb6a7ff1b0c40a0d0b23bc1338c1b034fa8661a896065
7b987f040f531227e989855a704cfdf5b7a7d593707dc4fc36063084b2d37760
7e7eebc4d5c6455e430263b6dd125bafb38e3ade2edc85c166bbb1ebe663c285
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ed40b4be7a49bbc6382f2b7439e6af9eb3a57b5575576d7c39f7085fbf2e3b2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9491ba9265f76d4b1eb48bd6f3a4852856689c142f323d5afc27845a57b4384e
a56509e6a937f4b55bab624a483c5a323fa784af733b7cf54cf77d4e9cc95f5d
a7e9ebe1dc959463732f9ce5af643963e321c8aa93d27e5cace68c3d987dc213
b6f18cbeb8c52ce481b77eb12c4c7bfc0637c4fae5a6cec28c2df9ec48598e1b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c41763922de088a739d13373593d2bc7569bb525e40fc762ef7d7518af231d6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb791d699b77ee1137f7e66d436db917084785237adcf4d02408f329615092e
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f22b0aca6877d04a0cb90ae75fc34bb135f7d53f40b839ea1a0f9ebed7d25ecd