206.83.162.175 Open in urlscan Pro
206.83.162.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://206.83.162.175/story.pl
Effective URL:
https://206.83.162.175/story.pl
Submission: On September 06 via manual (September 6th 2021, 4:18:39 am UTC) from US

Summary HTTP 52 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 52 HTTP transactions. The main IP is 206.83.162.175, located in Lynchburg, United States and belongs to GNA-CORP-GENWORTH-FINANCIAL, US. The main domain is 206.83.162.175.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.

This is the only time 206.83.162.175 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	206.83.162.175 206.83.162.175	22711 (GNA-CORP-...) (GNA-CORP-GENWORTH-FINANCIAL)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	52.51.225.94 52.51.225.94	16509 (AMAZON-02) (AMAZON-02)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
52	20

18 206.83.162.175 (Lynchburg, United States) 1 redirects

ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US)

206.83.162.175	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.225.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-225-94.eu-west-1.compute.amazonaws.com

docs.genworth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

somni.genworth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	facebook.com www.facebook.com	470 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	crazyegg.com script.crazyegg.com	25 KB
3	facebook.net connect.facebook.net	201 KB
3	bing.com bat.bing.com	9 KB
3	genworth.com 1 redirects docs.genworth.com somni.genworth.com	1 KB
3	gstatic.com fonts.gstatic.com	45 KB
3	google-analytics.com www.google-analytics.com	60 KB
2	google.de www.google.de	261 B
2	google.com www.google.com	171 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
1	hotjar.com static.hotjar.com	345 B
1	rtb123.com www.rtb123.com	3 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	70 KB
1	googleapis.com fonts.googleapis.com	1 KB
52	17

	Domain	Requested by
4	www.facebook.com	206.83.162.175
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	connect.facebook.net	206.83.162.175 connect.facebook.net
3	bat.bing.com	206.83.162.175 bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	somni.genworth.com	1 redirects 206.83.162.175
2	www.google.de	206.83.162.175
2	www.google.com	206.83.162.175
2	px.ads.linkedin.com	2 redirects
1	static.hotjar.com	206.83.162.175
1	www.rtb123.com	206.83.162.175
1	docs.genworth.com	206.83.162.175
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	206.83.162.175
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	206.83.162.175
1	fonts.googleapis.com	206.83.162.175
52	21

This site contains links to these domains. Also see Links.

Domain
service.genworth.com
secure1.genworth.com
investor.genworth.com
newsroom.genworth.com
www.genworth.com
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.pinterest.com
www.genworth.com.au
www.genworth.in
www.genworth.com.mx

Subject Issuer	Validity	Valid
*.genworth.com DigiCert SHA2 Secure Server CA	`2020-02-24` - `2022-04-25`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.o3n.io R3	`2021-07-02` - `2021-09-30`	3 months	crt.sh
somni.genworth.com DigiCert SHA2 High Assurance Server CA	`2020-08-10` - `2021-11-12`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-09` - `2022-02-10`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://206.83.162.175/story.pl
Frame ID: B020493773188E4684CBFE43D4A67FA0
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not Found

Page URL History Show full URLs

http://206.83.162.175/story.pl HTTP 301
https://206.83.162.175/story.pl Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/etc\/designs\//i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/etc\/designs\//i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

52
Requests

65 %
HTTPS

68 %
IPv6

17
Domains

21
Subdomains

20
IPs

5
Countries

1657 kB
Transfer

2867 kB
Size

2
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://service.genworth.com/consumer/public/payment/one-time
Title: Pay Online

Search URL Search Domain Scan URL

URL: https://service.genworth.com/user-management/?from=genworth/#/forgot-username
Title: username

Search URL Search Domain Scan URL

URL: https://service.genworth.com/user-management/?from=genworth/#/forgot-password
Title: password

Search URL Search Domain Scan URL

URL: https://service.genworth.com/user-management/#/registration?from=genworth
Title: REGISTER NOW

Search URL Search Domain Scan URL

URL: https://secure1.genworth.com/usermanagement/#/forgot_password
Title: password

Search URL Search Domain Scan URL

URL: https://secure1.genworth.com/usermanagement/#/
Title: REGISTER NOW

Search URL Search Domain Scan URL

URL: http://investor.genworth.com/investors/default.aspx
Title: Investors

Search URL Search Domain Scan URL

URL: http://newsroom.genworth.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.genworth.com/pro/producer-login.html
Title: Advisors

Search URL Search Domain Scan URL

URL: https://twitter.com/Genworth
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Genworth/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/genworth-financial_2
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/Genworth
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/genworth/
Title: Pinterest

Search URL Search Domain Scan URL

URL: http://www.genworth.com.au/
Title: Australia

Search URL Search Domain Scan URL

URL: http://www.genworth.in/
Title: India

Search URL Search Domain Scan URL

URL: http://www.genworth.com.mx/
Title: Mexico

Search URL Search Domain Scan URL

URL: http://www.genworth.com.au/nz/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www.genworth.com/
Title: United States of America

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://206.83.162.175/story.pl HTTP 301
https://206.83.162.175/story.pl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D389753%26time%3D1630901898102%26url%3Dhttps%253A%252F%252F206.83.162.175%252Fstory.pl%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&liSync=true&e_ipv6=AQIrRnC2oPOUeAAAAXu5VA82DZvYturnouYdUnT2UZNCGbslKFJbygvX4R_xK804XRnQhhEZ

Request Chain 38

https://somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/s94812510452511?AQB=1&ndh=1&t=6%2F8%2F2021%206%3A18%3A18%201%20-120&fid=53F73332D05B0E3B-1DB1CB37C50F9E2F&ce=UTF-8&ns=genworthfinancial&cdp=2&pageName=Story.pl&g=https%3A%2F%2F206.83.162.175%2Fstory.pl&cc=USD&ch=Story.pl&events=event19&c1=Story.pl&v1=Story.pl&c2=Story.pl&v2=Story.pl&c6=Page%20Not%20Found&v11=206.83.162.175%2Fstory.pl&c14=New&v14=New&c15=1&v15=1&c16=First%20Visit&v16=First%20Visit&v19=Story.pl&c22=0%7C0&c23=0x0&c24=0x0&h1=Story.pl&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/s94812510452511?AQB=1&pccr=true&vidn=309ACB458134846D-400012CD8E9C7B24&ndh=1&t=6%2F8%2F2021%206%3A18%3A18%201%20-120&fid=53F73332D05B0E3B-1DB1CB37C50F9E2F&ce=UTF-8&ns=genworthfinancial&cdp=2&pageName=Story.pl&g=https%3A%2F%2F206.83.162.175%2Fstory.pl&cc=USD&ch=Story.pl&events=event19&c1=Story.pl&v1=Story.pl&c2=Story.pl&v2=Story.pl&c6=Page%20Not%20Found&v11=206.83.162.175%2Fstory.pl&c14=New&v14=New&c15=1&v15=1&c16=First%20Visit&v16=First%20Visit&v19=Story.pl&c22=0%7C0&c23=0x0&c24=0x0&h1=Story.pl&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request

Cookie set story.pl Show response
206.83.162.175/
Redirect Chain

http://206.83.162.175/story.pl
https://206.83.162.175/story.pl

49 KB
9 KB

409ms
176ms

Document
text/html

206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to

Full URL

https://206.83.162.175/story.pl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

9eba1009a33ce6ef81d90adbff673bb69391336783ea652f44568858e8e70784

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: 206.83.162.175
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:17 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Set-Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9;Path=/;Expires=Thu, 16-Sep-2021 04:18:17 GMT;Max-Age=864000 BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; path=/; Httponly; Secure TS01a639b6=010366f85a0f5fdd9af9c7c2fde81d806b86df5a1af4208eaa44fe24d0aae0c6008863d6bb6a95182299a6cada3e2de3169477eb35; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: frame-ancestors 'self'
Transfer-Encoding: chunked

Redirect headers

Location: https://206.83.162.175/story.pl
Server: gnw
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 35ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Crimson+Text:400,400i,600,600i|Open+Sans:400,700

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

841ffa28760809bd46b82f74aeeb410acb9ef8593c76d523ecbf11fa2ccc4cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 04:18:17 GMT
server: ESF
date: Mon, 06 Sep 2021 04:18:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Sep 2021 04:18:17 GMT

GET
H/1.1 200
OK Cookie set clientlibs.css
206.83.162.175/etc/designs/genworth-www/genworth-all/ 322 KB
52 KB 142ms
142ms Stylesheet
text/css 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

3b32bbe13c8a4296d05a1323d716acfcbd4f1e4231c02c9fa84e60475a29695f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://206.83.162.175/story.pl
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=
Connection: keep-alive
Referer: https://206.83.162.175/story.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 52915
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "509d2-5cb19272a9a24"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a54496cc2b51082330d3f58954314e3bbacf5272bbb2612543156e6c1fa5985d35176f0cf3d3f6716dd0e5241f03ee3ae; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK Cookie set clientlibs.js Show response
206.83.162.175/etc/designs/genworth-www/genworth-all/ 726 KB
726 KB 341ms
119ms Script
application/javascript 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.js

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

e67677a851d8b58af12d23261a9283844b0e12d2ee27b28e92ec2a0cb0640db9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://206.83.162.175/story.pl
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=
Connection: keep-alive
Referer: https://206.83.162.175/story.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "b5702-5cb19273279cb"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a08d96cffbe44030c6457130238155ea6b42f9e532d7cec51e6ddf9e42a383df3fda56e06edaf7a00d630c9169f76254d; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 743170
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
70 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8T5CBN

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0544dfe503cefa0fafbc9901d952ed0ce0a23994422907f2a3971bf83ebbe81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71948
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 04:18:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8T5CBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5177
date: Mon, 06 Sep 2021 02:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 06 Sep 2021 04:52:00 GMT

GET
H2 200 0173.js Show response
script.crazyegg.com/pages/scripts/0068/ 5 KB
2 KB 27ms
13ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/0173.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8T5CBN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03644583235fa8a46300769345fd8080564f765cb31c3b1db6e461efd971f2be

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 474832
cf-polished: origSize=4899
cf-ray: 68a4e47e2db40614-FRA
ce-version: 11.1.331
last-modified: Tue, 31 Aug 2021 16:24:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 104ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8T5CBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14079
x-xss-protection: 0
server: cafe
etag: 18326714422570925345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Sep 2021 04:18:18 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 27ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8T5CBN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=12116
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 103 KB
41 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NLRZSW2&t=gtm4&cid=94066167.1630901898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

670f0f9f2f326f154d5b955bc42ed3b0f3a40e9a85ccdeab6b52e0e3bded427b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41598
x-xss-protection: 0
expires: Mon, 06 Sep 2021 04:18:18 GMT

GET
H2 200 0173.json Show response
script.crazyegg.com/pages/data-scripts/0068/ 9 KB
2 KB 36ms
22ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0068/0173.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/0173.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd941360d79f2382c8be4fe027598b865c78f7e84a2c9a0a48da3c685b24140f

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 474832
ce-version: 11.1.331
content-length: 1499
timing-allow-origin: *
last-modified: Tue, 31 Aug 2021 16:24:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 68a4e47e5d3863f5-FRA

GET
H2 200 11.1.331.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 12ms
12ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/0173.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 14:00:21 GMT
server: cloudflare
age: 475539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 68a4e47f6f7b0614-FRA
content-length: 21512

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/790738621/ 2 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/790738621/?random=1630901898074&cv=9&fst=1630901898074&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&ig=1&frm=0&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63016e00bf3c9e4967a24426a3d67733540100fff8221c74069842526f50d191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 979
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D389753%26time%3D1630901898102%26url%3Dhttps%253A%252F%252F206.83.162.175%252Fstor...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&liSync=true&e_ipv6=AQIrRnC2oPOUeAAAAXu5VA82DZvYturnouYdUnT2UZNCGbslKFJbygvX...

0
155 B

374ms
180ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&liSync=true&e_ipv6=AQIrRnC2oPOUeAAAAXu5VA82DZvYturnouYdUnT2UZNCGbslKFJbygvX4R_xK804XRnQhhEZ
Requested by: Host: 206.83.162.175
URL: https://206.83.162.175/story.pl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:19 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: kU1L+aIgohYQ3g57vioAAA==

Redirect headers

date: Mon, 06 Sep 2021 04:18:19 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=389753&time=1630901898102&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&liSync=true&e_ipv6=AQIrRnC2oPOUeAAAAXu5VA82DZvYturnouYdUnT2UZNCGbslKFJbygvX4R_xK804XRnQhhEZ
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: HM5y46IgohYwq8s9dSsAAA==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=450071306&t=pageview&_s=1&dl=https%3A%2F%2F206.83.162.175%2Fstory.pl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=527905616&gjid=1698085044&cid=94066167.1630901898&tid=UA-112746641-1&_gid=436728302.1630901898&_r=1&gtm=2wg910M8T5CBN&z=423904065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://206.83.162.175
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-112746641-1&cid=94066167.1630901898&jid=527905616&gjid=1698085044&_gid=436728302.1630901898&_u=aGDAAEACQAAAAC~&z=521220554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Sep 2021 04:18:18 GMT
content-type: text/plain
access-control-allow-origin: https://206.83.162.175
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-112746641-1&cid=94066167.1630901898&jid=527905616&_u=aGDAAEACQAAAAC~&z=1768848422

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-112746641-1&cid=94066167.1630901898&jid=527905616&_u=aGDAAEACQAAAAC~&z=1768848422

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/790738621/ 42 B
64 B 33ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/790738621/?random=1630901898074&cv=9&fst=1630900800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&async=1&fmt=3&is_vtc=1&random=1004625914&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/790738621/ 42 B
154 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/790738621/?random=1630901898074&cv=9&fst=1630900800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2F206.83.162.175%2Fstory.pl&async=1&fmt=3&is_vtc=1&random=1004625914&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Text:400,400i,600,600i|Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://206.83.162.175
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 01:46:58 GMT
x-content-type-options: nosniff
age: 354680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Sep 2022 01:46:58 GMT

GET
H/1.1 200
OK image.gif
docs.genworth.com/cdn/jcyhpszzryv7fhl3wjjiqq3uc/ 43 B
183 B 2071ms
1836ms Image
image/gif 52.51.225.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docs.genworth.com/cdn/jcyhpszzryv7fhl3wjjiqq3uc/image.gif?l=https://206.83.162.175/story.pl&r=
Requested by: Host: 206.83.162.175
URL: https://206.83.162.175/story.pl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.51.225.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-225-94.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 0173.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0068/ 46 B
176 B 21ms
21ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0068/0173.json?t=453028
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980492bbf045d8206f17ebd8c3663da75806353a3cc4958b63dd35ba7fcb2c51

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 474832
ce-version: 11.1.331
content-length: 65
timing-allow-origin: *
last-modified: Tue, 31 Aug 2021 16:24:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 68a4e483bde863f5-FRA

GET
H/1.1 200
OK Cookie set logo-white-148.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/ 9 KB
10 KB 116ms
115ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/logo-white-148.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

bb72df6334b9dd91eda7f5fc151d951ee436f8b796fdfc5ea5a90734a250803d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "25b2-5cb19273037a9"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a8ca9c3f9dec0debceb33ced414ba31398c79f43053acafe80a89a851b675ca1abffb24a15da0477055f286faf15b1c6d; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9650
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set logo-148.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/ 21 KB
22 KB 124ms
123ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/logo-148.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

226ad89b82c3b56603574b2acbe55a8628c4cdab77ce4749ff46a309110a6805

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "544a-5cb19272fb6c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a934679eabbcd6cb14c1087d57ff8b5c462ee957ff4e8fad406db17e02f7785c2f494e0f3091182262f3c8a0b086c8ae2; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21578
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set chevrondown_blk.svg
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/icons/ 877 B
2 KB 243ms
117ms Image
image/svg+xml 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/icons/chevrondown_blk.svg

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

8b6e5826b75bc0bb1f309d99778c22d988622fbe0a93932bee773cfcaa33255f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "36d-5cb19273106b2"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/svg+xml
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a1f8889b998b5007b0763fba636c7ba7bc9957022a1c474d039ec34d9ab5f382c2ee9ad403683fb7ee30dcd428181bc78; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 877
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK Cookie set noun_Telephone_576702_blk.svg
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/icons/ 2 KB
3 KB 352ms
119ms Image
image/svg+xml 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/icons/noun_Telephone_576702_blk.svg

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

4c1b118d910dcd3a2470e274e0a0de99605a1b06094b2dbc706f259dbbe48eb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "791-5cb19272fed71"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/svg+xml
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a59ee7421da596a6075ac607c867a33cf5a74fb42140a29467c1338c9cd3ca38bc58d50928fe03a96040cfdd84e15a56a; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1937
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set icon-search-white.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/ 2 KB
2 KB 344ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/icon-search-white.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

a8650a03a5c798524c2f53812cf3f0d21c4a26ccf2783ce3d516eb6c5fca8a5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "614-5cb192730ef42"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a2d6a7ed0d762f9efea5b79dc3dfeef7eb392f24427b759174065b5b5c196da81b551e056eb9fa416b6d783835feea340; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1556
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set icon-search.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/ 2 KB
2 KB 351ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/icon-search.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

80a665323b1876589933bc5d1751d83c6baecaca89606cc0bb05e91869e5e119

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "675-5cb192730acd9"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a38cb29549ba131c9c95fe73aeee572cfdeb28f903b5fa38b4df154e8468892f3b04e617ecd9a41d36e20015beac23091; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1653
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set 404error_desktop_1600x415.jpg
206.83.162.175/content/dam/genworth/cover-images/ 342 KB
342 KB 170ms
115ms Image
image/jpeg 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/content/dam/genworth/cover-images/404error_desktop_1600x415.jpg

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

12d008d55046466ab871e3fa4aa8d4c73bb689a8483d808f64ce4d8d03c64446

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/story.pl
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1
Connection: keep-alive
Referer: https://206.83.162.175/story.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:53:06 GMT
X-Frame-Options: DENY
ETag: "55605-5cb194b9aefd2"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85aaf916eba55f6f34c22babc37e6e6d3538f51427e06effe0279af63df1da47206609296d45ecb15ad8f8e3a8bdfb4bd36; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 349701
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set mtn-footer.jpg
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/ 41 KB
42 KB 236ms
122ms Image
image/jpeg 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/mtn-footer.jpg

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

c89467de43ca90c689e0dab1ac6e0f980d949f263a6e323a36dc78b0144c7c3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "a390-5cb1927309569"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a3d131692efc9770b867a523fe720f9ef505fbbcd0eea03924c65a763e84d368d45bf600f5fb386a212c22d2638577b33; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41872
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set twitter.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/ 640 B
1 KB 118ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/twitter.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

3bf4bd00b37221edd348e9c60a8cc7a6def61d5c5c8ea289a66a8bf1896ddc6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D; _uetsid=770903800ec911ecbeb28bfa193207fe; _uetvid=770921000ec911ecbc753720fa96ad00
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "280-5cb19273131aa"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85af381db53ff0cb8f571e80271b05373a43f18d1185dea6fccd78f5d0665324b009456402370dfee0206e18e15b785c190; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 640
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK Cookie set facebook.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/ 364 B
1 KB 119ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/facebook.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

f63aff045bd8bb427baec3ec8d46f468edee7f6ef609c8475fe362edebaa3f42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D; _uetsid=770903800ec911ecbeb28bfa193207fe; _uetvid=770921000ec911ecbc753720fa96ad00
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "16c-5cb1927310a9a"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a334c21565f3346950d1876a1e4096dfdc0048cc53650d14e468c51ee98fc8a912e07ac43ef04359cb5b2a32b5512f734; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 364
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK Cookie set linked-in.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/ 451 B
1 KB 119ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/linked-in.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

2fd718fccfd2a813827373bc1f2cd192dc1ec0011467e456b1545fc9ee07f6a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D; _uetsid=770903800ec911ecbeb28bfa193207fe; _uetvid=770921000ec911ecbc753720fa96ad00
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "1c3-5cb19273125f2"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85aefc38f7c5d591ec70293605b936b4fa8dea39ceeb8d3f737e6cb22d5d4b86b48054f7c72f0291693e2b12094bf44bb2c; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 451
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK Cookie set you-tube.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/ 886 B
2 KB 118ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/you-tube.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

9d8aa11f66ada516ca50c09b4f26a646671fa46aea69ff9a3d5aa25f5078b3ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D; _uetsid=770903800ec911ecbeb28bfa193207fe; _uetvid=770921000ec911ecbc753720fa96ad00
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "376-5cb1927312dc2"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a51ce487101d85c4f6184445126055163c5e90735f309f41acce4cc2854528b91c97cd888c2313ec11ca6a95f52f0c9fa; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 886
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK Cookie set pinterest.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/ 900 B
2 KB 118ms
118ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/social/pinterest.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

1d1e996dbc7bcdb5e251be236791d9b7e1c6fc5a9e8a098bb28a6269e748443b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D; _uetsid=770903800ec911ecbeb28bfa193207fe; _uetvid=770921000ec911ecbc753720fa96ad00
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "384-5cb192731d5ba"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85ae3f02d0145a1ca72438455009415a63e6dc97cff68f356177fa30f2fbe7a89a00b6e39fd021fdcfdf346e1741dd9ad40; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 900
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK Cookie set flag-us.png
206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/ 2 KB
3 KB 114ms
113ms Image
image/png 206.83.162.175
GNA-CORP-GENWORTH...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs/img/flag-us.png

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

206.83.162.175 Lynchburg, United States, ASN22711 (GNA-CORP-GENWORTH-FINANCIAL, US),

Reverse DNS

Software

Resource Hash

745186213275d1f31f2ea5a84b8f8a56a6fdf9ca2f8344e00154569ce530814b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 206.83.162.175
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
Cookie: km_apiKey=05fd94859ab1b7c612777d1ce110c7fd8bd40be9; BIGipServerKo+PSGi10K126GjmI+Comw=!eB9FQst6Dzir8dpgXCbfQj5Y9RCwu++YIIGiMqMH3j27F41cRFYAO2zSi5pJa0y6xm1FgZMOge12dW4=; _gcl_au=1.1.751742646.1630901898; _ga=GA1.4.94066167.1630901898; _gid=GA1.4.436728302.1630901898; _gat_UA-112746641-1=1; s_cc=true; s_fid=53F73332D05B0E3B-1DB1CB37C50F9E2F; s_getNewRepeat=1630901898905-New; s_vnum=1633493898905%26vn%3D1; s_invisit=true; s_lv=1630901898905; s_lv_s=First%20Visit; s_ppn=Story.pl; s_ppvl=%5B%5BB%5D%5D; s_ppv=Story.pl%2C51%2C51%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP; s_sq=%5B%5BB%5D%5D; _uetsid=770903800ec911ecbeb28bfa193207fe; _uetvid=770921000ec911ecbc753720fa96ad00
Connection: keep-alive
Referer: https://206.83.162.175/etc/designs/genworth-www/genworth-all/clientlibs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 04:18:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 15:42:55 GMT
X-Frame-Options: DENY
ETag: "928-5cb192730c831"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Connection: Keep-Alive
content-security-policy: frame-ancestors 'self'
Set-Cookie: TS01a639b6=010366f85a95ddbc9882f8ffd1744df7c0b6c567bcb81f39d283eec4e99ed258ea3fc4aeb565456d10d446586e20dc102e01980036; Path=/; Domain=.www.genworth.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2344
X-XSS-Protection: 1; mode=block

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Text:400,400i,600,600i|Open+Sans:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://206.83.162.175
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:03:27 GMT
x-content-type-options: nosniff
age: 256491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 05:03:27 GMT

GET
H3-29 200 wlprgwHKFkZgtmSR3NB0oRJfajCOD-NS_LU.woff2
fonts.gstatic.com/s/crimsontext/v11/ 15 KB
15 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v11/wlprgwHKFkZgtmSR3NB0oRJfajCOD-NS_LU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Text:400,400i,600,600i|Open+Sans:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f517a4467a45c5aaa554474748e717392bb91d3598a3e0ec8a7b83fe4baac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://206.83.162.175
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:28:53 GMT
x-content-type-options: nosniff
age: 478165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15840
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 15:28:53 GMT

GET
H2

200

s94812510452511
somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/
Redirect Chain

https://somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/s94812510452511?AQB=1&ndh=1&t=6%2F8%2F2021%206%3A18%3A18%201%20-120&fid=53F73332D05B0E3B-1DB1CB37C50F9E2F&ce=UTF-8&ns=genworthfinancial&cdp=...
https://somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/s94812510452511?AQB=1&pccr=true&vidn=309ACB458134846D-400012CD8E9C7B24&ndh=1&t=6%2F8%2F2021%206%3A18%3A18%201%20-120&fid=53F73332D05B0E3B-1D...

43 B
271 B

29ms
29ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/s94812510452511?AQB=1&pccr=true&vidn=309ACB458134846D-400012CD8E9C7B24&ndh=1&t=6%2F8%2F2021%206%3A18%3A18%201%20-120&fid=53F73332D05B0E3B-1DB1CB37C50F9E2F&ce=UTF-8&ns=genworthfinancial&cdp=2&pageName=Story.pl&g=https%3A%2F%2F206.83.162.175%2Fstory.pl&cc=USD&ch=Story.pl&events=event19&c1=Story.pl&v1=Story.pl&c2=Story.pl&v2=Story.pl&c6=Page%20Not%20Found&v11=206.83.162.175%2Fstory.pl&c14=New&v14=New&c15=1&v15=1&c16=First%20Visit&v16=First%20Visit&v19=Story.pl&c22=0%7C0&c23=0x0&c24=0x0&h1=Story.pl&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:19 GMT
x-content-type-options: nosniff
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 07 Sep 2021 04:18:19 GMT
server: jag
xserver: anedge-f47784dbf-rjf58
etag: 3502335161594871808-4619880113509080487
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 05 Sep 2021 04:18:19 GMT

Redirect headers

date: Mon, 06 Sep 2021 04:18:19 GMT
x-content-type-options: nosniff
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://somni.genworth.com/b/ss/genfinltcnewdev/1/H.26.2/s94812510452511?AQB=1&pccr=true&vidn=309ACB458134846D-400012CD8E9C7B24&ndh=1&t=6%2F8%2F2021%206%3A18%3A18%201%20-120&fid=53F73332D05B0E3B-1DB1CB37C50F9E2F&ce=UTF-8&ns=genworthfinancial&cdp=2&pageName=Story.pl&g=https%3A%2F%2F206.83.162.175%2Fstory.pl&cc=USD&ch=Story.pl&events=event19&c1=Story.pl&v1=Story.pl&c2=Story.pl&v2=Story.pl&c6=Page%20Not%20Found&v11=206.83.162.175%2Fstory.pl&c14=New&v14=New&c15=1&v15=1&c16=First%20Visit&v16=First%20Visit&v19=Story.pl&c22=0%7C0&c23=0x0&c24=0x0&h1=Story.pl&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified: Tue, 07 Sep 2021 04:18:19 GMT
server: jag
xserver: anedge-f47784dbf-4krxx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 05 Sep 2021 04:18:19 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 48ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: 206.83.162.175
URL: https://206.83.162.175/story.pl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: EF3EE7B207B04344B49A04E5701EB25E Ref B: FRAEDGE1215 Ref C: 2021-09-06T04:18:18Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 7BrQlA9PWU17rFtkgGriNrijzdGZ0Uj0HULMWUhhhM0P6aC1uUakSVrVoSscF6NZoEWfWmBz0pfZYQOl03IYEg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 06 Sep 2021 04:18:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/02818063-8093-3E44-F2CE-62BA0AA558ED/ 17 KB
3 KB 377ms
119ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/02818063-8093-3E44-F2CE-62BA0AA558ED/btp.js
Requested by: Host: 206.83.162.175
URL: https://206.83.162.175/story.pl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7144f6c33178155c76adb673f0a9a30d015a336d06dc6a5a7f04eaa02125b29c

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 06 Sep 2021 04:18:18 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 18:56:31 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "805991a3e16dd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3302

GET
H2 200 hotjar-752745.js Show response
static.hotjar.com/c/ 0
345 B 115ms
56ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-752745.js?sv=6

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:19 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
etag: W/d41d8cd98f00b204e9800998ecf8427e
x-cache-hit: 1
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
content-length: 0
x-amz-cf-id: EPNLTos0e1RIxy3fXwYEVZA4Qa4emfzHLchnywVfX0XYY_nMV6d7MQ==

GET
H3-29 200 1891462874497957 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1891462874497957?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

edb222a0502cd7e6342648ee2a16ad0318c64828cf1b1b89d56c731dc55f08f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0Fhse3bwz8KYWtJ/owzCaKCiGgWS10b8yjzj1DDxiFfjWM0RbkvSOxq+8/iPewyVV7PG2OVVLo/m6ouuq1lrsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Sep 2021 04:18:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5992037.js Show response
bat.bing.com/p/action/ 0
109 B 140ms
140ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5992037.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Sep 2021 04:18:18 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 1BFEA2CB74EC4712AA40A449EB005AFB Ref B: FRAEDGE1215 Ref C: 2021-09-06T04:18:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5992037&Ver=2&mid=e0e7a6da-8d2d-4be2-bc00-119fed96815f&sid=770903800ec911ecbeb28bfa193207fe&vid=770921000ec911ecbc753720fa96ad00&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Page%20Not%20Found&p=https%3A%2F%2F206.83.162.175%2Fstory.pl&r=&lt=2042&evt=pageLoad&msclkid=N&sv=1&rn=50916
Requested by: Host: 206.83.162.175
URL: https://206.83.162.175/story.pl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 06 Sep 2021 04:18:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 53901BF7F5474CEA929A4F6B22723672 Ref B: FRAEDGE1215 Ref C: 2021-09-06T04:18:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 484741118974235 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 115ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/484741118974235?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59108b19d976eb97faed73e80cff99f57b5b16b8316066e797fcd879c478e935

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Y7j8DPIbNi53Y6CGFosrRNlR27YjU7Vi4X3IjifOuOQu6Ph6ysOO0e3vkOfsNB8GzAg+NJGA2LJdYY4fecl2qQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Sep 2021 04:18:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1891462874497957&ev=PageView&dl=https%3A%2F%2F206.83.162.175%2Fstory.pl&rl=&if=false&ts=1630901899034&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&it=1630901898957&coo=false&exp=p1&rqm=GET

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 06 Sep 2021 04:18:19 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484741118974235&ev=PageView&dl=https%3A%2F%2F206.83.162.175%2Fstory.pl&rl=&if=false&ts=1630901899162&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1630901898957&coo=false&exp=p1&rqm=GET

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Sep 2021 04:18:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1891462874497957&ev=Microdata&dl=https%3A%2F%2F206.83.162.175%2Fstory.pl&rl=&if=false&ts=1630901900537&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%22%2C%22meta%3Adescription%22%3A%22Page%20Not%20Found%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=1&o=30&it=1630901898957&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 06 Sep 2021 04:18:20 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484741118974235&ev=Microdata&dl=https%3A%2F%2F206.83.162.175%2Fstory.pl&rl=&if=false&ts=1630901900666&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%22%2C%22meta%3Adescription%22%3A%22Page%20Not%20Found%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1630901898957&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: 206.83.162.175
URL: https://206.83.162.175/story.pl

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://206.83.162.175/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:18:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Sep 2021 04:18:20 GMT

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			206.83.162.175/	1969-12-31 23:59:59	Name: s_ppv Value: Story.pl%2C49%2C49%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
			206.83.162.175/	1969-12-31 23:59:59	Name: s_ppvl Value: Story.pl%2C49%2C49%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
connect.facebook.net
docs.genworth.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.crazyegg.com
snap.licdn.com
somni.genworth.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.rtb123.com
108.174.10.14
13.36.218.177
142.250.185.66
18.66.97.10
206.83.162.175
2606:4700::6813:9408
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c08::9b
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.51.225.94
67.225.220.126
03644583235fa8a46300769345fd8080564f765cb31c3b1db6e461efd971f2be
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d008d55046466ab871e3fa4aa8d4c73bb689a8483d808f64ce4d8d03c64446
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641
1d1e996dbc7bcdb5e251be236791d9b7e1c6fc5a9e8a098bb28a6269e748443b
226ad89b82c3b56603574b2acbe55a8628c4cdab77ce4749ff46a309110a6805
2fd718fccfd2a813827373bc1f2cd192dc1ec0011467e456b1545fc9ee07f6a7
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3b32bbe13c8a4296d05a1323d716acfcbd4f1e4231c02c9fa84e60475a29695f
3bf4bd00b37221edd348e9c60a8cc7a6def61d5c5c8ea289a66a8bf1896ddc6f
4c1b118d910dcd3a2470e274e0a0de99605a1b06094b2dbc706f259dbbe48eb5
59108b19d976eb97faed73e80cff99f57b5b16b8316066e797fcd879c478e935
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
63016e00bf3c9e4967a24426a3d67733540100fff8221c74069842526f50d191
670f0f9f2f326f154d5b955bc42ed3b0f3a40e9a85ccdeab6b52e0e3bded427b
7144f6c33178155c76adb673f0a9a30d015a336d06dc6a5a7f04eaa02125b29c
745186213275d1f31f2ea5a84b8f8a56a6fdf9ca2f8344e00154569ce530814b
80a665323b1876589933bc5d1751d83c6baecaca89606cc0bb05e91869e5e119
841ffa28760809bd46b82f74aeeb410acb9ef8593c76d523ecbf11fa2ccc4cf1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b6e5826b75bc0bb1f309d99778c22d988622fbe0a93932bee773cfcaa33255f
980492bbf045d8206f17ebd8c3663da75806353a3cc4958b63dd35ba7fcb2c51
9d8aa11f66ada516ca50c09b4f26a646671fa46aea69ff9a3d5aa25f5078b3ed
9eba1009a33ce6ef81d90adbff673bb69391336783ea652f44568858e8e70784
a0544dfe503cefa0fafbc9901d952ed0ce0a23994422907f2a3971bf83ebbe81
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
a8650a03a5c798524c2f53812cf3f0d21c4a26ccf2783ce3d516eb6c5fca8a5c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bb72df6334b9dd91eda7f5fc151d951ee436f8b796fdfc5ea5a90734a250803d
bd941360d79f2382c8be4fe027598b865c78f7e84a2c9a0a48da3c685b24140f
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c89467de43ca90c689e0dab1ac6e0f980d949f263a6e323a36dc78b0144c7c3a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67677a851d8b58af12d23261a9283844b0e12d2ee27b28e92ec2a0cb0640db9
edb222a0502cd7e6342648ee2a16ad0318c64828cf1b1b89d56c731dc55f08f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f517a4467a45c5aaa554474748e717392bb91d3598a3e0ec8a7b83fe4baac0
f63aff045bd8bb427baec3ec8d46f468edee7f6ef609c8475fe362edebaa3f42
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

206.83.162.175 Open in urlscan Pro 206.83.162.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

65 %HTTPS

68 %IPv6

17 Domains

21 Subdomains

20 IPs

5 Countries

1657 kBTransfer

2867 kBSize

2 Cookies

19 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

206.83.162.175 Open in urlscan Pro
206.83.162.175 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

65 %
HTTPS

68 %
IPv6

17
Domains

21
Subdomains

20
IPs

5
Countries

1657 kB
Transfer

2867 kB
Size

2
Cookies

52 HTTP transactions
0 data transactions