quoteinsurancenorthcarolina.com Open in urlscan Pro
34.69.219.172 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://quoteinsurancenorthcarolina.com/
Effective URL:
https://quoteinsurancenorthcarolina.com/
Submission: On May 24 via api (May 24th 2024, 11:02:01 pm UTC) from NL — Scanned from NL

Summary HTTP 88 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 22 domains to perform 88 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is quoteinsurancenorthcarolina.com.
TLS certificate: Issued by R3 on April 9th 2024. Valid for: 3 months.

This is the only time quoteinsurancenorthcarolina.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: State Farm (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	65.9.95.118 65.9.95.118	16509 (AMAZON-02) (AMAZON-02)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	152.195.54.7 152.195.54.7	15133 (EDGECAST) (EDGECAST)
2	2.23.66.89 2.23.66.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
4	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
3	104.198.70.133 104.198.70.133	15169 (GOOGLE) (GOOGLE)
1 3	52.214.77.117 52.214.77.117	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
2	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1 1	52.30.166.91 52.30.166.91	16509 (AMAZON-02) (AMAZON-02)
1	23.197.115.137 23.197.115.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.51.22.204 52.51.22.204	16509 (AMAZON-02) (AMAZON-02)
1	104.96.136.126 104.96.136.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	137.66.27.45 137.66.27.45	40509 (FLY) (FLY)
2	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	146.75.120.84 146.75.120.84	54113 (FASTLY) (FASTLY)
1	65.9.99.119 65.9.99.119	16509 (AMAZON-02) (AMAZON-02)
1	65.9.97.248 65.9.97.248	16509 (AMAZON-02) (AMAZON-02)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
88	30

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

quoteinsurancenorthcarolina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.95.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-118.prg50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 152.195.54.7 (United States)

ASN15133 (EDGECAST, US)

static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ac2.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.66.89 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-66-89.deploy.static.akamaitechnologies.com

cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com

mx-api.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.77.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-77-117.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.166.91 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-166-91.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.115.137 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-115-137.deploy.static.akamaitechnologies.com

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.22.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-22-204.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.136.126 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-136-126.deploy.static.akamaitechnologies.com

a8367280580.cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.66.27.45 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.120.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.99.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-119.prg50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-248.prg50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 14715 static2.st8fm.com — Cisco Umbrella Rank: 98602 ac2.st8fm.com — Cisco Umbrella Rank: 92606	743 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 901 tr6.snapchat.com — Cisco Umbrella Rank: 1398	709 B
5	optimizely.com cdn-pci.optimizely.com — Cisco Umbrella Rank: 10274 tapi.optimizely.com — Cisco Umbrella Rank: 14763 a8367280580.cdn-pci.optimizely.com — Cisco Umbrella Rank: 43946 logx.optimizely.com — Cisco Umbrella Rank: 1587	137 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4015	71 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 902	5 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 60176	3 KB
4	mirus.io mx-api.prod.mirus.io — Cisco Umbrella Rank: 649887 peachy.prod.mirus.io — Cisco Umbrella Rank: 305706 ephemera.mirus.io — Cisco Umbrella Rank: 273935	23 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	36 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380 maps.googleapis.com — Cisco Umbrella Rank: 361 fonts.googleapis.com — Cisco Umbrella Rank: 33	112 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1370 insight.adsrvr.org — Cisco Umbrella Rank: 691	5 KB
3	statefarm.com www.statefarm.com — Cisco Umbrella Rank: 18946 smetrics.statefarm.com — Cisco Umbrella Rank: 45286	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 911	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	214 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103	39 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	264 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	255 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1134	19 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	59 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1317	517 B
1	quoteinsurancenorthcarolina.com quoteinsurancenorthcarolina.com	16 KB
0	c1.statefarm Failed deel-id-persistence.deel.c1.statefarm Failed
88	22

	Domain	Requested by
26	static1.st8fm.com	quoteinsurancenorthcarolina.com static1.st8fm.com ajax.googleapis.com static2.st8fm.com
5	static2.st8fm.com	quoteinsurancenorthcarolina.com
5	nexus.ensighten.com	quoteinsurancenorthcarolina.com nexus.ensighten.com
4	ct.pinterest.com	static1.st8fm.com s.pinimg.com
4	tr.snapchat.com	sc-static.net
4	cdnjs.cloudflare.com	quoteinsurancenorthcarolina.com
3	dpm.demdex.net	1 redirects quoteinsurancenorthcarolina.com
2	insight.adsrvr.org	js.adsrvr.org
2	s.pinimg.com	quoteinsurancenorthcarolina.com s.pinimg.com
2	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
2	peachy.prod.mirus.io	static1.st8fm.com
2	smetrics.statefarm.com	nexus.ensighten.com quoteinsurancenorthcarolina.com
2	maps.googleapis.com	quoteinsurancenorthcarolina.com static1.st8fm.com
2	ac2.st8fm.com	quoteinsurancenorthcarolina.com
2	cdn-pci.optimizely.com	quoteinsurancenorthcarolina.com cdn-pci.optimizely.com
2	maxcdn.bootstrapcdn.com	quoteinsurancenorthcarolina.com
1	tr6.snapchat.com	sc-static.net
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	sc-static.net	quoteinsurancenorthcarolina.com
1	js.adsrvr.org	www.googletagmanager.com
1	connect.facebook.net	quoteinsurancenorthcarolina.com connect.facebook.net
1	ephemera.mirus.io
1	logx.optimizely.com	static1.st8fm.com
1	a8367280580.cdn-pci.optimizely.com	cdn-pci.optimizely.com
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	tapi.optimizely.com	cdn-pci.optimizely.com
1	cm.everesttech.net	1 redirects
1	fonts.googleapis.com	static1.st8fm.com
1	mx-api.prod.mirus.io	quoteinsurancenorthcarolina.com
1	www.statefarm.com	quoteinsurancenorthcarolina.com
1	ajax.googleapis.com	quoteinsurancenorthcarolina.com
1	quoteinsurancenorthcarolina.com
0	deel-id-persistence.deel.c1.statefarm Failed	nexus.ensighten.com
88	35

This site contains links to these domains. Also see Links.

Domain
www.statefarm.com
proofing.statefarm.com
www.facebook.com
www.instagram.com
twitter.com
financials.statefarm.com
get-id-card.delitess.c1.statefarm
www.jaredspencerinsurance.com
brokercheck.finra.org
static1.st8fm.com
trupanion.com

Subject Issuer	Validity	Valid
quoteinsurancenorthcarolina.com R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-25` - `2025-01-24`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
mx-api.prod.mirus.io R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-25` - `2025-01-24`	a year	crt.sh
logx.optimizely.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-11-10`	6 months	crt.sh
peachy.prod.mirus.io R3	`2024-04-08` - `2024-07-07`	3 months	crt.sh
ephemera.mirus.io R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://quoteinsurancenorthcarolina.com/
Frame ID: 196D21592FA84CC7EA87559D1DFFB98B
Requests: 82 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 57C8B407AD078796BA59364A57D0D823
Requests: 1 HTTP requests in this frame

Frame: https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html
Frame ID: 739234CADC7E9977F73BC26ED0418F01
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 7EAA2F5203C132EE76FDE9F6950956BD
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: D50A9B0956F3A15ED1B8B455CC6A500D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=b81eadf8-1111-424f-b645-4073b99f3413&u_sclid=e47d830d-bba3-48c2-9964-c0936a1f293e
Frame ID: 09980551201B00B0D6C28EEE1F684C32
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 15AC5E9952D57C31269E67EF7D9090FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jared Spencer - State Farm Insurance Agent in Sanford, NC

Page URL History Show full URLs

http://quoteinsurancenorthcarolina.com/ HTTP 307
https://quoteinsurancenorthcarolina.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

88
Requests

94 %
HTTPS

0 %
IPv6

22
Domains

35
Subdomains

30
IPs

5
Countries

1505 kB
Transfer

4757 kB
Size

27
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statefarm.com/#oneX-main-content
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/nc/sanford/jared-spencer-wsg337bxpal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/245418532912821

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jaredspencerstatefarm/

Search URL Search Domain Scan URL

URL: https://twitter.com/JaredSpencerSF

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/guest-pay/
Title: Pay a Bill

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote
Title: or continue a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/nc/sanford/jared-spencer-wsg337bxpal/map?officeAssociateId=ZWTQQ7KYRAK
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.jaredspencerinsurance.com/
Title: www.jaredspencerinsurance.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/pdf/billing-options-product-sheet.pdf
Title: Pay your way

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/life

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/home-and-property/ting-fire-safety/?cmpid=Link%3ATing%3AAgent+Website
Title: Explore Ting

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/small-business-solutions/insurance/contact#agentAssociateID=WSG337BXPAL&source=proxyagentdomain
Title: small business insurance

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/download-mobile-apps/life-enhanced
Title: Take a closer look

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA's Broker Check

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: http://www.statefarm.com/IPS/prospectus/
Title: prospectus page

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://quoteinsurancenorthcarolina.com/ HTTP 307
https://quoteinsurancenorthcarolina.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1716591715351 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1716591715351

Request Chain 29

https://cm.everesttech.net/cm/dd?d_uuid=11291392043448576103204278365097637707 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlEcZAAAAEq-oAN-

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
quoteinsurancenorthcarolina.com/
Redirect Chain

http://quoteinsurancenorthcarolina.com/
https://quoteinsurancenorthcarolina.com/

61 KB
16 KB

475ms
210ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://quoteinsurancenorthcarolina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: /
Resource Hash: 518a20d06b5bfb8db8f47e3858952e914807f5d2fd1fdfb9095e5869dffc2d6f

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 23:01:54 GMT
vary: origin,accept-encoding
x-cheesecrd-backend: mx-api
x-cheesecrd-lookup: master:quoteinsurancenorthcarolina.com/
x-cheesecrd-path: /
x-microsite-source: https://www.statefarm.com/agent/us/nc/sanford/jared-spencer-wsg337bxpal

Redirect headers

Location: https://quoteinsurancenorthcarolina.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
29 KB 441ms
40ms Script
application/javascript 65.9.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-118.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: a83e29645fe545dd490dbb9d55316febbe535585f9026cd390c153722a8f3f47

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 19:38:34 GMT
x-amz-version-id: GEmPRDYihtLpEA1qXfwsL2NBQ9aNN8bE
content-encoding: br
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 98601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 May 2024 19:38:10 GMT
server: CloudFront
etag: W/"8a35137f55c30258f405c0e1c7294bc7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: qf9c_cHH5oNgCUivMUIA7y_JNWoXtUHfaxNylKj5NxpVVuCceDeycw==

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
25 KB 84ms
49ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1479791
cdn-cachedat: 03/18/2024 12:59:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7e923ad223e9f33e54d22e50cf2bcce5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1d559099bde28f4d5d756c3a33fe574b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8890e90a5eb290f2-FRA
cdn-requestpullsuccess: True

GET
H2 200 normalize.css
static1.st8fm.com/en_US/dxl-1x/prod/css/lib/ 16 KB
6 KB 625ms
304ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/lib/normalize.css

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D64) /

Resource Hash

1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2024 19:41:01 GMT
server: ECD (dcd/7D64)
age: 2969
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 5846
expires: Sat, 25 May 2024 03:01:55 GMT

GET
H2 200 1x.core.css
static1.st8fm.com/en_US/dxl-1x/prod/css/ 643 KB
72 KB 420ms
100ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

0ced4b6e7d3109e169298214cf79c4df62c85e9e5734a253f39291dd6652ff82

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2024 19:41:01 GMT
server: ECD (dcd/7D78)
age: 2179
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 73767
expires: Sat, 25 May 2024 03:01:55 GMT

GET
H2 200 8421581994.js Show response
cdn-pci.optimizely.com/js/ 618 KB
134 KB 132ms
42ms Script
text/javascript 2.23.66.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/8421581994.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.66.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-66-89.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

b1d66b8b535538b6bea4355bf12f11597f66c0616cac6c09b23db46722acd92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: .oIwLXbRwtT4iUNTgEF7j6r8g9NGodSD
content-encoding: gzip
date: Fri, 24 May 2024 23:01:55 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: DFR4WZPFJG9812MP
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 47941
x-amz-replication-status: PENDING
content-length: 136332
x-amz-id-2: c2cmHOk/RGBBnnaA9ouq/k5x00hinenmMdzuKdb/VwJJev1vOds7clNT53Z1NULkh/VydMWEt/w=
last-modified: Thu, 23 May 2024 18:51:30 GMT
server: AmazonS3
etag: "47805a307e44a1b0d4a8e4a786991a50"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 StateFarmCommon.js Show response
static1.st8fm.com/en_US/b2c_dvts/common/js/lib/ 1 KB
875 B 624ms
305ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B84) /

Resource Hash

4e9b64fb0adeef1125cc4560e7d971af9d67803f1f2418536920b155143394b2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
server: ECD (dac/9B84)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 758
expires: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 375ms
20ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:55:00 GMT

GET
H3 200 handlebars.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/ 160 KB
29 KB 66ms
40ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/handlebars.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 600850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29180
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-27e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZU1CLO%2Bv%2BugzBGuNBEY81vm%2BBgeEDJEt7EqehYrkaCjHu%2BmvVeC3EaZ6Xi%2BL5uAKyb2nQ%2Fx5%2FHVtj8Urx1UTz40vxOgSSwUBVUWVCcDNbUh%2BlQNIjS0K3qWqgQnYBqZ8XmloSec"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8890e90a49a80476-FRA
expires: Wed, 14 May 2025 23:01:54 GMT

GET
H2 200 1x.core.js Show response
static1.st8fm.com/en_US/dxl-1x/prod/js/ 346 KB
106 KB 518ms
200ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

82cc35f86f2c608fc99cdb23e4792b4a1e0de98c2cca8bda3a9faa0f9efb6f12

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2024 19:41:01 GMT
server: ECD (dcd/7D78)
age: 2180
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 108242
expires: Sat, 25 May 2024 03:01:55 GMT

GET
H2 200 1x.client.js Show response
static1.st8fm.com/en_US/dxl-1x/prod/js/ 3 KB
1 KB 622ms
304ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/js/1x.client.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D18) /

Resource Hash

785b6692d256f8286db7fff9d1e8caf87508b8e25721ac968bf5626eb3e82dbe

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2024 19:41:01 GMT
server: ECD (dcd/7D18)
age: 1245
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1280
expires: Sat, 25 May 2024 03:01:55 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 61ms
29ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3992687
cdn-cachedat: 03/18/2024 12:46:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e3f3bfe1b89f7f16a5a4802a3640b8c7
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8890e90a5eaf90f2-FRA
cdn-requestpullsuccess: True

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/ 7 KB
3 KB 86ms
61ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 176420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2382
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2ORpgNXCe1nuUWRG0P4FU5WuqbfrGHPnJWssrOlOY4ROph3yyZVuAKpGXAsg74LKkZ01SFFxYt%2B%2BxsDrWtINN5W9flTMcAliE7o5Sba71QevSdikrEx6Z45yXvE6M5m%2FwPlIrLI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8890e90a59b30476-FRA
expires: Wed, 14 May 2025 23:01:54 GMT

GET
H3 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 5 KB
3 KB 86ms
61ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2092
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HE%2B8KLKlCKNZh%2BA30DE%2FbbozYtV%2F%2FfqolztlYWgDCYxUuumY%2BjIH3YwgtxCj9ovrJQ0k4oDfjRA1%2BZk%2Fq8OaIvV01j5SHvBPfCMqW10hexCezPJqQAv7q40fZQKC5QsU%2FQHVTARZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8890e90a59b80476-FRA
expires: Wed, 14 May 2025 23:01:54 GMT

GET
H3 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 4 KB
2 KB 103ms
78ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.plugins.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 182506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1222
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-106c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMpzy5CUvs5f7Ku1UEUymqtLepE41bxxxpTc01wgmMEVwI2PPks7jL9wVfIx6sU%2FdB3mK5NL9T%2FPFSGg%2FsP5ZVtFbFmYCKAQmLksLB7fXRp3UQU63V7%2FjXvnku6VB5F9pRIyli1y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8890e90a59be0476-FRA
expires: Wed, 14 May 2025 23:01:54 GMT

GET
H2 200 util.min.js Show response
static1.st8fm.com/en_US/dxl/js/min/ 29 KB
9 KB 621ms
304ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl/js/min/util.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D64) /

Resource Hash

240422c986046f61655378669aca9bc6e6369c8f7c2897c0c73f7313eac34fed

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 16:56:04 GMT
server: ECD (dcd/7D64)
age: 1291
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 9231
expires: Sat, 25 May 2024 03:01:55 GMT

GET
H2 200 microsite.min.css
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/styles/ 4 KB
1 KB 417ms
100ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/styles/microsite.min.css

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D18) /

Resource Hash

0ce746d53f93bcedd2268c7bc83ab676cf5b6e1ebb8563d8033b580a30a95571

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2024 18:09:01 GMT
server: ECD (dcd/7D18)
age: 75399
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-frame-options: DENY
accept-ranges: bytes
content-length: 1255
expires: Fri, 31 May 2024 23:01:55 GMT

GET
H2 200 formalColorFull.jpg
ac2.st8fm.com/associate-photos/W/WSG337BXPAL/ 16 KB
16 KB 697ms
133ms Image
image/jpeg 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ac2.st8fm.com/associate-photos/W/WSG337BXPAL/formalColorFull.jpg

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

92609df5f0c5e04e012a8e77798f57a57aea1059f24501c8cd1f15e8d77d05e7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
last-modified: Thu, 20 Aug 2015 06:11:46 GMT
server: ECD (dac/9B85)
age: 1556
etag: "eec3a417fdbd01:0"
x-frame-options: DENY
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 16638

GET
H2 200 JDPowerAwardLife.jpg
static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/ 87 KB
88 KB 229ms
229ms Image
image/jpeg 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/JDPowerAwardLife.jpg

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D27) /

Resource Hash

984c8bac9b63099b2f9c4bb8c5ca07693dd08dbacb2d74ddc74bd63a346a9c28

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
last-modified: Thu, 11 Apr 2024 18:42:33 GMT
server: ECD (dcd/7D27)
age: 362956
x-frame-options: DENY
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 89482
expires: Fri, 31 May 2024 23:01:55 GMT

GET
H2 200 StateFarmisThere_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 17 KB
17 KB 100ms
100ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/StateFarmisThere_en_desktop.png

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D27) /

Resource Hash

746164f668cd2513526e7b3bc8bc14c980c03fb967b4015f898164a89da8e70a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
last-modified: Thu, 28 Apr 2022 20:22:21 GMT
server: ECD (dcd/7D27)
age: 399481
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17093
expires: Fri, 31 May 2024 23:01:55 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 245 KB
80 KB 398ms
44ms Script
text/javascript 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

241a2d93d5f2214485b768be76f1c32ec63f27fee0f2ed0da1a4a818776946e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81854
x-xss-protection: 0

GET
H2 200 cookie Show response
www.statefarm.com/agent/ 0
807 B 418ms
307ms Script
text/plain 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.statefarm.com/agent/cookie?associateID=WSG337BXPAL&app=AMS

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: ECD (dac/9B85)
x-frame-options: DENY
content-language: en-US
x-vcap-request-id: 3b5df97b-fdeb-4151-6cf2-ae7d853a28b3
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 jquery.mobile-1.2.0.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/scripts/ 111 KB
40 KB 102ms
102ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/scripts/jquery.mobile-1.2.0.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D5C) /

Resource Hash

b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2024 18:09:01 GMT
server: ECD (dcd/7D5C)
age: 75399
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-frame-options: DENY
accept-ranges: bytes
content-length: 40312
expires: Fri, 31 May 2024 23:01:56 GMT

GET
H2 200 microsite.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/scripts/ 6 KB
2 KB 138ms
138ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/scripts/microsite.min.js
Requested by: Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (dcd/7D27) /
Resource Hash: 888165779244419daa6a82b858ed72f88a9d9675635ae358a5959408b7f06b2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2024 18:09:01 GMT
server: ECD (dcd/7D27)
age: 75407
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1892
expires: Fri, 31 May 2024 23:01:56 GMT

GET
H2 200 quoteModule.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/scripts/ 4 KB
1 KB 106ms
101ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/scripts/quoteModule.min.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

d5ff4774cbab55de7f7e9e414084b6ff80a5cf4c652e642291ffffcd1690923d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2024 18:09:01 GMT
server: ECD (dcd/7D78)
age: 75432
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-frame-options: DENY
accept-ranges: bytes
content-length: 1417
expires: Fri, 31 May 2024 23:01:56 GMT

GET
H2 200 peachy-client Show response
mx-api.prod.mirus.io/ 65 KB
20 KB 416ms
136ms Script
text/html 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mx-api.prod.mirus.io/peachy-client

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: origin,accept-encoding
content-type: text/html; charset=utf-8

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1716591715351
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1716591715351

1 KB
1 KB

36ms
35ms

XHR
application/json

52.214.77.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1716591715351

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Server

52.214.77.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-77-117.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6cbbf0ba2d6d20d1fffd16fcef92605209a35c4c00410ed9ed508013b05b2544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v061-0e44f6642.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 24 May 2024 23:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: IDkmlOXDTGk=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 623
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v061-093acb7a6.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 24 May 2024 23:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dmjjuzKwROE=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1716591715351
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 497 B
828 B 58ms
55ms Script
text/javascript 65.9.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20May%2023%2019:38:08%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-118.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: dee13bd09aedf355d784b3e0233bf2f8960aa991de30e9b6fc350090ffdd9ca0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 497
x-amz-cf-id: 4XI-t_35M51c_lMfpkH7YAYV3Hy-uLrq25ECYjiT1_tt-1AXQGHinA==
expires: Fri, 24 May 2024 23:01:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 378ms
29ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f138.1e100.net

Software

ESF /

Resource Hash

6195dc420a7c2f60abd30c9bc46985ac75ee25b6119ebc93028ed050926b0f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 May 2024 23:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 May 2024 22:09:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 May 2024 23:01:55 GMT

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
475 B 110ms
32ms XHR
application/x-javascript 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=03217960798286356062858483915534957719&ts=1716591715525

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

9fa671507453033dc29100d755053ca2cfb3d2461e07f460086e00917e9d839e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 May 2024 23:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZlEcZAAAAEq-oAN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=11291392043448576103204278365097637707
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlEcZAAAAEq-oAN-

42 B
717 B

35ms
35ms

Image
image/gif

52.214.77.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlEcZAAAAEq-oAN-

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Server

52.214.77.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-77-117.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v061-0a3570a5a.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 24 May 2024 23:01:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: gGcA7dqZTb8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlEcZAAAAEq-oAN-
Date: Fri, 24 May 2024 23:01:56 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK oeu1716591715860r0.9052957247274054 Show response
tapi.optimizely.com/api/targeting/8421581994/8453960666/ 31 KB
2 KB 902ms
516ms XHR
application/json 23.197.115.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/targeting/8421581994/8453960666/oeu1716591715860r0.9052957247274054
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.197.115.137 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-115-137.deploy.static.akamaitechnologies.com
Software: nginx/1.15.12 / Express
Resource Hash: 00a735022a0585ebce6bbc8df6dd9a1c84ac4f539523c318b5606b09b642e070

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 24 May 2024 23:01:56 GMT
Content-Encoding: gzip
Server: nginx/1.15.12
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://quoteinsurancenorthcarolina.com
Cache-Control: max-age=1200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1616

GET
H2 200 geo4.js Show response
cdn-pci.optimizely.com/js/ 309 B
751 B 39ms
37ms Script
application/javascript 2.23.66.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/geo4.js

Requested by

Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.66.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-66-89.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

e44e80fe7efafc808a605839ce99afd00c86bf82185c46353e3aa83973a5c8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15768000
x-amz-version-id: OAjfW2hsfUCB6ky0IKAo94yDIUDQOyvh
date: Fri, 24 May 2024 23:01:56 GMT
x-amz-request-id: J07PJGM9A59HK4RH
x-amz-replication-status: COMPLETED
content-length: 309
x-amz-id-2: bo6YdZ+5JM+ByZVThdIBjXfGui+3VSBPEZ7djUYETGPnl/sp+Ji2GzEy7Q5fyMv98BpSY/OJDEY=
server: AmazonS3
etag: "ab711da6d329d2f9dabaf111028b5243"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 StateFarmCommon.js Show response
static1.st8fm.com/en_US/b2c_dvts/common/js/lib/ 292 KB
166 KB 257ms
257ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B84) /

Resource Hash

bff54ba77cd196d04d70fe4be700ea230efc62fec8fa582bf543769e4c8529bc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
server: ECD (dac/9B84)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600, immutable

GET
H2 200 ErrorPage.json Show response
static1.st8fm.com/en_US/errors/1/ 4 KB
866 B 266ms
265ms Script
application/json 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/errors/1/ErrorPage.json?callback=jQuery321017778119586477192_1716591716239&_=1716591716240

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 13:13:01 GMT
server: ECD (dac/9B85)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
x-cnection: close
accept-ranges: bytes
content-length: 636
expires: Fri, 24 May 2024 23:01:56 GMT

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 57C8 0
0 97ms
29ms Document
text/html 52.51.22.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.22.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-22-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 24 May 2024 23:01:56 GMT
dcs: dcs-prod-irl1-1-v061-039e3d43e.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 9 May 2024 11:56:16 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: +oWEADJqQL0=

GET
H2 200 a8367280580.html
a8367280580.cdn-pci.optimizely.com/client_storage/ Frame 7392 0
0 165ms
45ms Document
text/html 104.96.136.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html

Requested by

Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.136.126 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-136-126.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 844
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 23:01:56 GMT
etag: "f495c19543d8309b5a56b67f27214d61"
last-modified: Thu, 23 May 2024 18:51:09 GMT
server: AmazonS3
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: RofKPgWtB6chfv9iViRj6DjmuW6o2naDXZ/F1WNEaebgGtmArpcA3dKKd4FSIiXmMLlr1CR/fGs=
x-amz-meta-pci_enabled: True
x-amz-replication-status: COMPLETED
x-amz-request-id: KWFNXDT1X9Y54NMK
x-amz-server-side-encryption: AES256
x-amz-version-id: WFc.vxyTCSWjPNtFKF8UuRl6s4ESdIiB

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 81ms
37ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 social_media_icons.png
static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/ 6 KB
6 KB 100ms
100ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/social_media_icons.png

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-204/styles/microsite.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D27) /

Resource Hash

89d9a08ed4bd71f312ebb4e119de4fbec2413c382cf0370640fac3eb3b1d318f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static2.st8fm.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 29 Aug 2023 15:31:26 GMT
server: ECD (dcd/7D27)
age: 362956
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6505
expires: Fri, 31 May 2024 23:01:56 GMT

GET
H2 200 chevron.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/core/ 5 KB
1 KB 100ms
100ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/core/chevron.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D27) /

Resource Hash

cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:47:38 GMT
server: ECD (dcd/7D27)
age: 2966
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1357
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 MecherleSans-Regular.woff2
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 408ms
103ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Regular.woff2

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D18) /

Resource Hash

891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 05 Mar 2024 16:46:59 GMT
server: ECD (dcd/7D18)
age: 2969
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 31948
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 MecherleSans-Medium.woff2
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 407ms
102ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Medium.woff2

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D5C) /

Resource Hash

befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 05 Mar 2024 16:47:09 GMT
server: ECD (dcd/7D5C)
age: 421
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32200
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 606ms
301ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-SemiBold.woff2

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 05 Mar 2024 16:46:58 GMT
server: ECD (dcd/7D78)
age: 2969
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32208
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 MecherleSans-Bold.woff2
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 408ms
103ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Bold.woff2

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 05 Mar 2024 16:46:59 GMT
server: ECD (dcd/7D78)
age: 2961
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 31812
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 MecherleLegal-Regular.woff2
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 32 KB
32 KB 609ms
305ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleLegal-Regular.woff2

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D18) /

Resource Hash

ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 05 Mar 2024 16:47:02 GMT
server: ECD (dcd/7D18)
age: 2183
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32844
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 informalColorFull.jpg
ac2.st8fm.com/associate-photos/W/WSG337BXPAL/ 8 KB
8 KB 218ms
218ms Image
image/jpeg 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ac2.st8fm.com/associate-photos/W/WSG337BXPAL/informalColorFull.jpg

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9CA0) /

Resource Hash

422f0d1c2743f76a5b138e708580133a10eade0fe27a399e982a31e5bd44c7f4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 06 Jan 2015 05:13:07 GMT
server: ECD (dac/9CA0)
age: 14
etag: "3d14bf746f29d01:0"
x-frame-options: DENY
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 8375

GET
H3 200 fa5f15665371f3ad7c73d816ca040130.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 143 KB
38 KB 42ms
42ms Script
application/javascript 65.9.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/fa5f15665371f3ad7c73d816ca040130.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-118.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0c60d18a74be38366feb7c9f5e83acb67f3d6003105acddc4f9532e338e51729

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 16:42:29 GMT
x-amz-version-id: tC9sangEtNKZ_vrMsHb3U.eUPlNwE.wr
content-encoding: br
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
age: 195568
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 May 2024 16:42:25 GMT
server: CloudFront
etag: W/"37c148f883409157c87eaad2bfc94259"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: snLQUIughALyChRE2pMDhU3ypO37gWevUBdIfEoP43wvV5cJQA0vng==

GET
H3 200 ab56deae6d6a452631d1ddbff7562ad3.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 38ms
37ms Script
application/javascript 65.9.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/ab56deae6d6a452631d1ddbff7562ad3.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-118.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 395646e930760843a5cf04387e788dd51c73cba887b03ecbc0287163f8e04abb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 16:23:59 GMT
x-amz-version-id: i5NNQvbUc.0uQim1m24p.hJgOoGhdxRh
content-encoding: br
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
age: 2183878
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Apr 2024 16:23:53 GMT
server: CloudFront
etag: W/"dddc06b029935564d99cda3e7c11d3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: -l9eJRmG6kM1pjS3rssmiroJCpSewpLNGXIAo9TgoTNfV-TowjDKkg==

GET
H3 200 445d4184a34d46baef33b69105e5b340.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 38ms
38ms Script
application/javascript 65.9.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/445d4184a34d46baef33b69105e5b340.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-118.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: c4660318b2f7fa5bd4381ea744ae7e274f60ea0895768b125d1f6a4313b19295

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 19:38:16 GMT
x-amz-version-id: Li2JDigCXE.RYgzp4igHJaq.T8Dcxwrr
content-encoding: br
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
age: 98621
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 May 2024 19:38:10 GMT
server: CloudFront
etag: W/"3a5f9897a168e5eaaed4dbc43371d43d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 1zHP-VQU2qL0NQcX55G0Lb5R3jnUKuxlPV7yrz9kLudEwoVBFTm7ew==

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H2 200 navigation-footer-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/ 1 KB
533 B 492ms
306ms XHR
text/html 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/navigation-footer-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

db328693065730fc4066970235b2cc48c813e3c3433e10f8ba002051b2467ee2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: text/html, */*; q=0.01
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2024 19:42:01 GMT
server: ECD (dcd/7D78)
age: 2138
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 459
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 navigation-header-unauth-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/header/ 6 KB
2 KB 491ms
307ms XHR
text/html 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/header/navigation-header-unauth-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

b61a02f07e674f75d5791e3626019e1b7ab55de6ce932ab58a987e79748cb913

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: text/html, */*; q=0.01
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2024 19:42:01 GMT
server: ECD (dcd/7D78)
age: 2956
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1604
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 MecherleSans-RegularItalic.woff2
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 33 KB
33 KB 456ms
302ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-RegularItalic.woff2

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D18) /

Resource Hash

1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static1.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
last-modified: Tue, 05 Mar 2024 16:47:00 GMT
server: ECD (dcd/7D18)
age: 2173
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 34016
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 chat_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 565 B
387 B 483ms
306ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/chat_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D64) /

Resource Hash

980c9d8469c5132d294a0b1b877fbd353decdf9ae788c659bbbd07eb0e793136

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:52:11 GMT
server: ECD (dcd/7D64)
age: 2100
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 308
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 phone_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 405 B
344 B 483ms
306ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/phone_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:30 GMT
server: ECD (dcd/7D78)
age: 2894
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 278
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 email_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 251 B
299 B 481ms
305ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/email_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D5C) /

Resource Hash

b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:55 GMT
server: ECD (dcd/7D5C)
age: 337
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 206
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 payment_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 702 B
505 B 481ms
305ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/payment_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D78) /

Resource Hash

59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:03 GMT
server: ECD (dcd/7D78)
age: 1118
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-cnection: close
x-frame-options: DENY
accept-ranges: bytes
content-length: 425
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 id_card_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 468 B
342 B 480ms
306ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/id_card_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D18) /

Resource Hash

de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:58 GMT
server: ECD (dcd/7D18)
age: 90
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-cnection: close
x-frame-options: DENY
accept-ranges: bytes
content-length: 276
expires: Sat, 25 May 2024 03:01:56 GMT

GET
BLOB 200
OK 8b801cf5-08ec-4baa-9a38-7d09371eb474
https://quoteinsurancenorthcarolina.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://quoteinsurancenorthcarolina.com/8b801cf5-08ec-4baa-9a38-7d09371eb474
Requested by: Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H2 200 s38902177747960
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
347 B 35ms
34ms Image
image/gif 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s38902177747960?AQB=1&ndh=1&pf=1&t=25%2F4%2F2024%201%3A1%3A56%206%20-120&D=..&mid=03217960798286356062858483915534957719&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-v%3Awsg337bxpal&g=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&ch=sf%3Aus%3Aagent-micro-v&server=quoteinsurancenorthcarolina.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-v%3Awsg337bxpal&h1=home%7Cagent-micro-v%7Cwsg337bxpal&c4=sf%3Aagent-micro-v%3Awsg337bxpal&v6=quoteinsurancenorthcarolina.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=friday%7C6%3A00pm&v50=5%2F24%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F125.0.0.0%20safari%2F537.36&c70=en-us&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 25 May 2024 23:01:56 GMT
server: jag
etag: 3686352642122252288-4618488642365867869
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 23 May 2024 23:01:56 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
396 B 150ms
114ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 23:01:57 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 972279a9-c909-4110-965d-01afebbb3522

GET
H2 200 state-farm-logo-4.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 9 KB
3 KB 101ms
100ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-4.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D27) /

Resource Hash

c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:49:33 GMT
server: ECD (dcd/7D27)
age: 2969
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 3308
expires: Sat, 25 May 2024 03:01:56 GMT

GET
H2 200 state-farm-logo-5.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 3 KB
1 KB 101ms
101ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-5.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D64) /

Resource Hash

af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:56 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:49:30 GMT
server: ECD (dcd/7D64)
age: 2176
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1290
expires: Sat, 25 May 2024 03:01:56 GMT

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame 0
0 405ms
128ms Preflight 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://quoteinsurancenorthcarolina.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 24 May 2024 23:01:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/null/events/ 66 B
321 B 133ms
133ms Fetch
application/json 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

e09b2dd524e17cf66ad4c4bd3eae7f7069b63ef564f533f5fb81bdfef01ec93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://quoteinsurancenorthcarolina.com/
keen-sdk: javascript-5.0.1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 66

GET
H2 200 sf-favicon.webp
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/etc/ 2 KB
2 KB 519ms
165ms Other
image/webp 137.66.27.45
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/etc/sf-favicon.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/ff37a3cc6 (2024-05-21) /

Resource Hash

e7d81a33da300471a6c28b35334a29cee3e4dd110f39265245d74971302e670d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01HYPDDTZS89K1RNSQ738D1944-ams
server: Fly/ff37a3cc6 (2024-05-21)
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/etc/sf-favicon.webp--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-instance: 9080eee0c27998
x-region: ewr
content-disposition: inline
content-length: 2182
expires: Fri, 24 May 2024 23:47:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 548 KB
111 KB 405ms
30ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

613dbaad77d3b1ba267776f9a707ac07470f01e7cf2d0da80a8efb5c688e7e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113481
x-xss-protection: 0
last-modified: Fri, 24 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 23:01:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 30ms
29ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

54e179b782d60d9d3765632a985e75ebaa93084840b37dfe5a2bdbd2a0f281ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 23:01:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 376ms
26ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 23:01:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1314, tbw=2795, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma: public
x-fb-debug: 18q33wzwqrE4c20MpBC2RuEcE8BoVnw/icaSSqajlaDNBqT/oq/aAo+uRiNVNN1z+KBBSL0nblwxUfl+nmPnyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 373ms
20ms Script
application/javascript 146.75.120.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
content-encoding: br
x-cdn: fastly
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1881

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 103ms
33ms Script
application/x-javascript 65.9.99.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-99-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 06:47:17 GMT
Content-Encoding: gzip
Via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 May 2024 07:02:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 58483
x-amz-server-side-encryption: AES256
ETag: W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: x6Nl0stqe0Zb8GFgOAivbXCXTWYzLZZEwaUXiW4kj4yuuU5ZVchjNw==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 45 KB
19 KB 142ms
66ms Script
application/javascript 65.9.97.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: quoteinsurancenorthcarolina.com
URL: https://quoteinsurancenorthcarolina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-97-248.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 30f7a4420ae1e0cf7e0a30b7b1e8a2764afb4ff07b0509a102adadaa11695c80

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19233
x-amz-cf-id: lywEFK4zTMfLX-GtEmLBOBMytHXX_99qaBgDlMoHbdedf3KX5iu5mw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 355ms
17ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je45m0v9178161793z8849799669za200zb849799669&_p=1716591718437&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=338211130.1716591719&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716591719&sct=1&seg=0&dl=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&dt=Jared%20Spencer%20-%20State%20Farm%20Insurance%20Agent%20in%20Sanford%2C%20NC&en=page_view&_fv=1&_nsi=1&_ss=1&ep.microsite_name=sf%3Aus%3Aagent-micro-v%3Awsg337bxpal&tfd=4644
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 371ms
21ms Ping
text/plain 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3WRNTYXP84&cid=338211130.1716591719&gtm=45je45m0v9178161793z8849799669za200zb849799669&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 75ms
32ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3WRNTYXP84&cid=338211130.1716591719&gtm=45je45m0v9178161793z8849799669za200zb849799669&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1598548111

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 7EAA 0
0 35ms
32ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Fri, 24 May 2024 23:01:59 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame D50A 0
0 31ms
30ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F&upid=9nilek2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Fri, 24 May 2024 23:01:59 GMT
server: Kestrel

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.js Show response
tr.snapchat.com/config/com/ 200 B
487 B 170ms
113ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.js?v=3.17.0-2405241718

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

a0f1580e5d33817b06f6d00e46e48197b06a977dbf91dd24de1afbe8437f7587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Origin: https://quoteinsurancenorthcarolina.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
x-envoy-upstream-service-time: 93
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200

GET
H2 200 i
tr.snapchat.com/cm/ Frame 0998 0
0 75ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=b81eadf8-1111-424f-b645-4073b99f3413&u_sclid=e47d830d-bba3-48c2-9964-c0936a1f293e

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 24 May 2024 23:01:59 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 41ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 21ms
20ms Script
application/javascript 146.75.120.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
content-encoding: br
x-cdn: fastly
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19942

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
369 B 181ms
87ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1716591719330&dep=2%2CPAGE_LOAD
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8113298230204261
content-length: 185
pin-unauth: dWlkPU9UaGxaVFZpWldFdE56QXhOeTAwTURjM0xUaG1Nakl0Tm1abVl6azNaalpsTkRVMw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: b5901f219bb3b9de79ce62fb7d9d7ff8817dc3ff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 175ms
86ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fquoteinsurancenorthcarolina.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.112%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1716591719334
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:01:59 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
pinterest-version: b5901f219bb3b9de79ce62fb7d9d7ff8817dc3ff
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4092871355809474
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 1673276772914128
connect.facebook.net/signals/config/ 0
0

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 364ms
21ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 45ms
42ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
x-cdn: fastly
age: 3759
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame 15AC 0
0 164ms
81ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quoteinsurancenorthcarolina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 23:01:59 GMT
pinterest-version: b5901f219bb3b9de79ce62fb7d9d7ff8817dc3ff
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8193219012423600

POST
H3 200 p
tr.snapchat.com/ 0
15 B 24ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://quoteinsurancenorthcarolina.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 23:01:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://quoteinsurancenorthcarolina.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1673276772914128?v=2.9.156&r=stable&domain=quoteinsurancenorthcarolina.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: State Farm (Insurance)

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 20:51:18	Name: X-AB Value: e3b2dc349f3b4a04b5f3001688f8af65
quoteinsurancenorthcarolina.com/	1970-01-20 20:51:18	Name: __cheesecrd_version Value: master
.demdex.net/	1970-01-21 01:09:03	Name: demdex Value: 11291392043448576103204278365097637707
.quoteinsurancenorthcarolina.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.statefarm.com/	1970-01-21 06:25:51	Name: s_ecid Value: MCMID%7C03217960798286356062858483915534957719
.quoteinsurancenorthcarolina.com/	1970-01-21 06:25:51	Name: optimizelyEndUserId Value: oeu1716591715860r0.9052957247274054
.quoteinsurancenorthcarolina.com/	1970-01-20 20:49:53	Name: s_gad Value: 1
.everesttech.net/	1970-01-21 05:35:27	Name: everest_g_v2 Value: g_surferid~ZlEcZAAAAEq-oAN-
.dpm.demdex.net/	1970-01-21 01:09:03	Name: dpm Value: 11291392043448576103204278365097637707
.doubleclick.net/	1970-01-21 06:11:27	Name: IDE Value: AHWqTUksKVL7WRaykOCmcgCIqWDT7-SW41BngTc7GUzsIGN399wO4OLwGeOASNHtN8Y
.quoteinsurancenorthcarolina.com/	1970-01-21 06:25:51	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19868%7CMCMID%7C03217960798286356062858483915534957719%7CMCAAMLH-1717196515%7C6%7CMCAAMB-1717196515%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1716598915s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19875%7CvVersion%7C5.5.0
.demdex.net/	1970-01-21 01:09:03	Name: dextp Value: 771-1-1716591716370\|903-1-1716591716471\|30646-1-1716591716571\|66757-1-1716591716672
.quoteinsurancenorthcarolina.com/	1970-01-20 20:49:53	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-v%3Awsg337bxpal
.quoteinsurancenorthcarolina.com/	1970-01-20 20:49:53	Name: s_pre_v6 Value: quoteinsurancenorthcarolina.com
.quoteinsurancenorthcarolina.com/	1970-01-20 20:49:53	Name: s_dl Value: 1
.quoteinsurancenorthcarolina.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.quoteinsurancenorthcarolina.com/	1970-01-21 06:25:51	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271716591716719%27%5D%5D
.quoteinsurancenorthcarolina.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.quoteinsurancenorthcarolina.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fquoteinsurancenorthcarolina.com%2F%7CentryProperty%3Dhttps%3A%2F%2Fquoteinsurancenorthcarolina.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-v%7Cs_prev_ch%3Dagent-micro-v%7Cs_prev_pn%3Dwsg337bxpal%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-v%3Awsg337bxpal%7Cmc%3Ddirect%20load%7Caowsv%3DNaN%7C
quoteinsurancenorthcarolina.com/	1970-01-21 05:35:27	Name: keen Value: {%22initialReferrer%22:null}
.quoteinsurancenorthcarolina.com/	1970-01-20 22:59:27	Name: _gcl_au Value: 1.1.1899728680.1716591719
.quoteinsurancenorthcarolina.com/	1970-01-21 06:25:51	Name: _ga_3WRNTYXP84 Value: GS1.1.1716591719.1.0.1716591719.60.0.0
.quoteinsurancenorthcarolina.com/	1970-01-21 06:25:51	Name: _ga Value: GA1.1.338211130.1716591719
.quoteinsurancenorthcarolina.com/	1970-01-21 06:19:38	Name: _scid Value: 6d5779d6-7f47-449a-8c72-0cd66d595b1c
.quoteinsurancenorthcarolina.com/	1970-01-21 06:19:38	Name: _scid_r Value: 6d5779d6-7f47-449a-8c72-0cd66d595b1c
.pinterest.com/	1970-01-21 05:35:27	Name: ar_debug Value: 1
.quoteinsurancenorthcarolina.com/	1970-01-21 05:35:27	Name: _pin_unauth Value: dWlkPU9UaGxaVFZpWldFdE56QXhOeTAwTURjM0xUaG1Nakl0Tm1abVl6azNaalpsTkRVMw

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://quoteinsurancenorthcarolina.com/ Message: Refused to execute script from 'https://www.statefarm.com/agent/cookie?associateID=WSG337BXPAL&app=AMS' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://quoteinsurancenorthcarolina.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://quoteinsurancenorthcarolina.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AIAh1ayPAQAAPsWQrqbSbHfsN4PQMtE7ws1JABzZAGauHJ2buujL0bW_Pvt2&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quoteinsurancenorthcarolina.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8367280580.cdn-pci.optimizely.com
ac2.st8fm.com
ajax.googleapis.com
cdn-pci.optimizely.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
fonts.googleapis.com
insight.adsrvr.org
js.adsrvr.org
logx.optimizely.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
mx-api.prod.mirus.io
nexus.ensighten.com
peachy.prod.mirus.io
quoteinsurancenorthcarolina.com
region1.analytics.google.com
s.pinimg.com
sc-static.net
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
static2.st8fm.com
stats.g.doubleclick.net
tapi.optimizely.com
tr.snapchat.com
tr6.snapchat.com
www.google.de
www.googletagmanager.com
www.statefarm.com
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
104.17.25.14
104.18.10.207
104.198.70.133
104.96.136.126
137.66.27.45
142.250.186.74
146.75.120.84
151.101.0.84
151.101.128.84
152.195.54.7
157.240.0.6
172.217.16.136
172.217.18.10
2.23.66.89
216.239.32.36
216.58.206.35
216.58.212.138
23.197.115.137
34.49.241.189
34.69.219.172
35.190.43.134
52.214.77.117
52.223.40.198
52.30.166.91
52.51.22.204
63.140.62.17
64.233.167.156
65.9.95.118
65.9.97.248
65.9.99.119
00a735022a0585ebce6bbc8df6dd9a1c84ac4f539523c318b5606b09b642e070
02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3
0c60d18a74be38366feb7c9f5e83acb67f3d6003105acddc4f9532e338e51729
0ce746d53f93bcedd2268c7bc83ab676cf5b6e1ebb8563d8033b580a30a95571
0ced4b6e7d3109e169298214cf79c4df62c85e9e5734a253f39291dd6652ff82
1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128
240422c986046f61655378669aca9bc6e6369c8f7c2897c0c73f7313eac34fed
241a2d93d5f2214485b768be76f1c32ec63f27fee0f2ed0da1a4a818776946e5
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
30f7a4420ae1e0cf7e0a30b7b1e8a2764afb4ff07b0509a102adadaa11695c80
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
395646e930760843a5cf04387e788dd51c73cba887b03ecbc0287163f8e04abb
422f0d1c2743f76a5b138e708580133a10eade0fe27a399e982a31e5bd44c7f4
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
4e9b64fb0adeef1125cc4560e7d971af9d67803f1f2418536920b155143394b2
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
518a20d06b5bfb8db8f47e3858952e914807f5d2fd1fdfb9095e5869dffc2d6f
52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5
54e179b782d60d9d3765632a985e75ebaa93084840b37dfe5a2bdbd2a0f281ba
59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c
613dbaad77d3b1ba267776f9a707ac07470f01e7cf2d0da80a8efb5c688e7e95
6195dc420a7c2f60abd30c9bc46985ac75ee25b6119ebc93028ed050926b0f71
6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa
6cbbf0ba2d6d20d1fffd16fcef92605209a35c4c00410ed9ed508013b05b2544
6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7
746164f668cd2513526e7b3bc8bc14c980c03fb967b4015f898164a89da8e70a
785b6692d256f8286db7fff9d1e8caf87508b8e25721ac968bf5626eb3e82dbe
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
82cc35f86f2c608fc99cdb23e4792b4a1e0de98c2cca8bda3a9faa0f9efb6f12
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
888165779244419daa6a82b858ed72f88a9d9675635ae358a5959408b7f06b2f
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
89d9a08ed4bd71f312ebb4e119de4fbec2413c382cf0370640fac3eb3b1d318f
92609df5f0c5e04e012a8e77798f57a57aea1059f24501c8cd1f15e8d77d05e7
980c9d8469c5132d294a0b1b877fbd353decdf9ae788c659bbbd07eb0e793136
984c8bac9b63099b2f9c4bb8c5ca07693dd08dbacb2d74ddc74bd63a346a9c28
9fa671507453033dc29100d755053ca2cfb3d2461e07f460086e00917e9d839e
a0f1580e5d33817b06f6d00e46e48197b06a977dbf91dd24de1afbe8437f7587
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a83e29645fe545dd490dbb9d55316febbe535585f9026cd390c153722a8f3f47
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484
b1d66b8b535538b6bea4355bf12f11597f66c0616cac6c09b23db46722acd92c
b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d
b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be
b61a02f07e674f75d5791e3626019e1b7ab55de6ce932ab58a987e79748cb913
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
bff54ba77cd196d04d70fe4be700ea230efc62fec8fa582bf543769e4c8529bc
c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f
c4660318b2f7fa5bd4381ea744ae7e274f60ea0895768b125d1f6a4313b19295
c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
d5ff4774cbab55de7f7e9e414084b6ff80a5cf4c652e642291ffffcd1690923d
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
db328693065730fc4066970235b2cc48c813e3c3433e10f8ba002051b2467ee2
de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7
dee13bd09aedf355d784b3e0233bf2f8960aa991de30e9b6fc350090ffdd9ca0
e09b2dd524e17cf66ad4c4bd3eae7f7069b63ef564f533f5fb81bdfef01ec93c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44e80fe7efafc808a605839ce99afd00c86bf82185c46353e3aa83973a5c8a1
e7d81a33da300471a6c28b35334a29cee3e4dd110f39265245d74971302e670d
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

quoteinsurancenorthcarolina.com Open in urlscan Pro 34.69.219.172 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

94 %HTTPS

0 %IPv6

22 Domains

35 Subdomains

30 IPs

5 Countries

1505 kBTransfer

4757 kBSize

27 Cookies

24 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

quoteinsurancenorthcarolina.com Open in urlscan Pro
34.69.219.172 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

94 %
HTTPS

0 %
IPv6

22
Domains

35
Subdomains

30
IPs

5
Countries

1505 kB
Transfer

4757 kB
Size

27
Cookies

88 HTTP transactions
1 data transactions