www.rentalcover.com Open in urlscan Pro
2606:4700:10::6814:f71f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBUIN8-2FAPFW8wgIl2qmu6...
Effective URL:
https://www.rentalcover.com/auth
Submission: On March 16 via manual (March 16th 2020, 8:55:30 am UTC) from FR

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 22 domains to perform 53 HTTP transactions. The main IP is 2606:4700:10::6814:f71f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rentalcover.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on September 27th 2018. Valid for: 2 years.

This is the only time www.rentalcover.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 14	2606:4700:10:... 2606:4700:10::6814:f71f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.84.216 13.225.84.216	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:821::2013	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	143.204.97.118 143.204.97.118	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.102.147.248 34.102.147.248	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:e00:1d:5b69:7840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	54.68.60.138 54.68.60.138	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.220 143.204.98.220	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	35.241.23.116 35.241.23.116	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.139.140 35.244.139.140	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	13.238.4.254 13.238.4.254	16509 (AMAZON-02) (AMAZON-02)
2	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
53	27

14 2606:4700:10::6814:f71f (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

email.rentalcover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rentalcover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.rentalcover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.216 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-216.fra2.r.cloudfront.net

d2dq2ahtl5zl1z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-118.fra50.r.cloudfront.net

c.brightwrite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (United States)

ASN15169 (GOOGLE, US)
PTR: 248.147.102.34.bc.googleusercontent.com

intljs.rmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e00:1d:5b69:7840:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.brightwrite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.60.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-60-138.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.220 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-220.fra50.r.cloudfront.net

d26b395fwzu5fz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.23.116 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 116.23.241.35.bc.googleusercontent.com

ut.ra.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.139.140 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 140.139.244.35.bc.googleusercontent.com

api3.brightwrite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.238.4.254 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-4-254.ap-southeast-2.compute.amazonaws.com

dc.brightwrite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rentalcover.com 5 redirects email.rentalcover.com www.rentalcover.com files.rentalcover.com	435 KB
6	google.com 1 redirects www.google.com	314 KB
5	yandex.ru 1 redirects mc.yandex.ru	95 KB
5	fullstory.com www.fullstory.com rs.fullstory.com	132 KB
4	brightwrite.com c.brightwrite.com cdn.brightwrite.com api3.brightwrite.com dc.brightwrite.com	81 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	facebook.net connect.facebook.net	257 KB
2	nr-data.net bam.nr-data.net	461 B
2	facebook.com www.facebook.com	449 B
2	google.de www.google.de	219 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	bing.com bat.bing.com	8 KB
2	cloudfront.net d2dq2ahtl5zl1z.cloudfront.net d26b395fwzu5fz.cloudfront.net	98 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	linksynergy.com ut.ra.linksynergy.com	371 B
1	segment.io api.segment.io	144 B
1	taboola.com cdn.taboola.com	21 KB
1	rmtag.com intljs.rmtag.com	21 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	googleapis.com fonts.googleapis.com	975 B
53	22

	Domain	Requested by
11	www.rentalcover.com	3 redirects www.rentalcover.com cdn.brightwrite.com
6	www.google.com	1 redirects www.rentalcover.com d26b395fwzu5fz.cloudfront.net www.google.com
5	mc.yandex.ru	1 redirects www.rentalcover.com
3	fonts.gstatic.com	www.rentalcover.com
3	rs.fullstory.com	www.fullstory.com cdn.brightwrite.com
3	connect.facebook.net	www.rentalcover.com connect.facebook.net
2	bam.nr-data.net	js-agent.newrelic.com cdn.brightwrite.com
2	www.facebook.com	www.rentalcover.com
2	www.google.de	www.rentalcover.com
2	www.google-analytics.com	1 redirects d2dq2ahtl5zl1z.cloudfront.net
2	bat.bing.com	www.rentalcover.com
2	www.fullstory.com	www.rentalcover.com www.fullstory.com
2	email.rentalcover.com	2 redirects
1	dc.brightwrite.com
1	js-agent.newrelic.com	www.rentalcover.com
1	api3.brightwrite.com	cdn.brightwrite.com
1	stats.g.doubleclick.net	1 redirects
1	ut.ra.linksynergy.com	intljs.rmtag.com
1	d26b395fwzu5fz.cloudfront.net	d2dq2ahtl5zl1z.cloudfront.net
1	api.segment.io	d2dq2ahtl5zl1z.cloudfront.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.taboola.com	www.rentalcover.com
1	cdn.brightwrite.com	www.googletagmanager.com
1	intljs.rmtag.com	www.rentalcover.com
1	c.brightwrite.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	d2dq2ahtl5zl1z.cloudfront.net	www.rentalcover.com
1	www.googletagmanager.com	www.rentalcover.com
1	fonts.googleapis.com	www.rentalcover.com
1	files.rentalcover.com	www.rentalcover.com
53	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.covergenius.com

Subject Issuer	Validity	Valid
*.rentalcover.com RapidSSL TLS RSA CA G1	`2018-09-27` - `2020-09-09`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.brightwrite.com RapidSSL RSA CA 2018	`2018-01-24` - `2021-03-24`	3 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.rmtag.com Thawte RSA CA 2018	`2020-01-23` - `2022-02-26`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2019-06-24` - `2020-07-01`	a year	crt.sh
ut.ra.linksynergy.com GTS CA 1D2	`2020-02-26` - `2020-05-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.rentalcover.com/auth
Frame ID: DEAB0AA1347606D77D61AF7E8D789128
Requests: 52 HTTP requests in this frame

Frame: https://www.fullstory.com/s/fs.js
Frame ID: C5EC49F566FF70F99300F588EAAE975E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBU... HTTP 301
https://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBU... HTTP 302
https://www.rentalcover.com/payment/N5JS-ITEF-INS/?utm_medium=email&utm_source=transactional&utm_content... HTTP 302
https://www.rentalcover.com/repurchase/N5JS-ITEF-INS HTTP 302
https://www.rentalcover.com/payment/FO34-0335-INS HTTP 302
https://www.rentalcover.com/auth Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

53
Requests

100 %
HTTPS

54 %
IPv6

22
Domains

30
Subdomains

27
IPs

6
Countries

1570 kB
Transfer

5414 kB
Size

20
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/rentalcover/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/rentalcover
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.covergenius.com/
Title: Cover Genius UK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBUIN8-2FAPFW8wgIl2qmu6Nn4x4rb5A1elKMgku65NBEYHD6hZIu-2FxWXmhGT6R3fNaRx1uWOYY-2FS3kT79YKl4Sx9gLzb87QaYGWbtKfZiDls-2Bd7U-2B42rEXDcuIuC-2BaNgiS2o6CmoMCltd-2BhVnvslsQP2q1pxli-2F2UXtMJuXsYQQ6C4dI0OjC0MMmw9E6l-2FCXJ5AKk8JcAoV9Ad51MQ0zlzf9xDldoAHq4NDuf1oHPmCaqKe6hPC3ThKgMeF7cWJCUSRPvrIWIbf_YMJdYxCsbA3IVx986czIdRzJHkrW3Oxm5xRsc22VaRwBel2CSyTSUd6oKapc5y-2FWdFcH-2BbsN2R5LuD6egc2lfpBzqDxH6Uu3ay7oSb3PuiCOOM8uVzkTQ-2Bfp9bO5gHd8D8qFOy6H9lV2ksQ5jjeTH2oaJ8CPgSx-2BooosKDjXQRomlTD4IYxxOzp-2BsmSSjNmd2F-2BMlKCL-2BDqggwTStYgR-2BMq66uVZtNH8mU-2F-2BuguXrdUnoWCXZyuHKNozgZKVIvBaDPVcNxcTDoSGLvLNKIHj5dy0-2BDJCBFITQ6bCy0aYbvF2BLGKUq0s2vkV7PJJa-2FQbTAZNBQzsiLoCAUZcJxVb8enFtr8oXsbmWld3jLCZE808QmRtU7H7Mh1xpoDwQFWksUOxZuqL3NuP6-2BtEUaCuFxygHxT2TT6-2Bl-2FwiQATw3xxJGBAhPPOVuWtCI-2FKJpmp3oXzAl9-2BnHH8PZrPr7LJlbZqLKXfHLzVWhNebUVaQuFEn13kCuG4VTdEw3-2FE6eXp6mz0EQgX5qVddyJypjNP5u-2BDnea2awVnWCV4qa1a6-2FPijmcSGWA3its3xV6uzkuA-2FAL6jqf8Rc0YQFYfek1Qf2GviaoNwMUm-2BncONzuapki0Bc6gttI32-2B0KXYGcfvcEw HTTP 301
https://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBUIN8-2FAPFW8wgIl2qmu6Nn4x4rb5A1elKMgku65NBEYHD6hZIu-2FxWXmhGT6R3fNaRx1uWOYY-2FS3kT79YKl4Sx9gLzb87QaYGWbtKfZiDls-2Bd7U-2B42rEXDcuIuC-2BaNgiS2o6CmoMCltd-2BhVnvslsQP2q1pxli-2F2UXtMJuXsYQQ6C4dI0OjC0MMmw9E6l-2FCXJ5AKk8JcAoV9Ad51MQ0zlzf9xDldoAHq4NDuf1oHPmCaqKe6hPC3ThKgMeF7cWJCUSRPvrIWIbf_YMJdYxCsbA3IVx986czIdRzJHkrW3Oxm5xRsc22VaRwBel2CSyTSUd6oKapc5y-2FWdFcH-2BbsN2R5LuD6egc2lfpBzqDxH6Uu3ay7oSb3PuiCOOM8uVzkTQ-2Bfp9bO5gHd8D8qFOy6H9lV2ksQ5jjeTH2oaJ8CPgSx-2BooosKDjXQRomlTD4IYxxOzp-2BsmSSjNmd2F-2BMlKCL-2BDqggwTStYgR-2BMq66uVZtNH8mU-2F-2BuguXrdUnoWCXZyuHKNozgZKVIvBaDPVcNxcTDoSGLvLNKIHj5dy0-2BDJCBFITQ6bCy0aYbvF2BLGKUq0s2vkV7PJJa-2FQbTAZNBQzsiLoCAUZcJxVb8enFtr8oXsbmWld3jLCZE808QmRtU7H7Mh1xpoDwQFWksUOxZuqL3NuP6-2BtEUaCuFxygHxT2TT6-2Bl-2FwiQATw3xxJGBAhPPOVuWtCI-2FKJpmp3oXzAl9-2BnHH8PZrPr7LJlbZqLKXfHLzVWhNebUVaQuFEn13kCuG4VTdEw3-2FE6eXp6mz0EQgX5qVddyJypjNP5u-2BDnea2awVnWCV4qa1a6-2FPijmcSGWA3its3xV6uzkuA-2FAL6jqf8Rc0YQFYfek1Qf2GviaoNwMUm-2BncONzuapki0Bc6gttI32-2B0KXYGcfvcEw HTTP 302
https://www.rentalcover.com/payment/N5JS-ITEF-INS/?utm_medium=email&utm_source=transactional&utm_content=canadianres&utm_campaign=SINGLETRIP_CANCELLATION_PARTNER&booking=N5JS-ITEF-INS&_lang=en&couponCode=bonvoyage-cGPSt HTTP 302
https://www.rentalcover.com/repurchase/N5JS-ITEF-INS HTTP 302
https://www.rentalcover.com/payment/FO34-0335-INS HTTP 302
https://www.rentalcover.com/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1994085935&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rentalcover.com%2Fauth&ul=en-us&de=UTF-8&dt=Login%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEAB~&jid=1519340301&gjid=784064262&cid=1250770503.1584348914&tid=UA-43138925-1&_gid=611347334.1584348914&_r=1&z=132499240 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_gid=611347334.1584348914&gjid=784064262&_v=j81&z=132499240 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_v=j81&z=132499240 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_v=j81&z=132499240&slf_rd=1&random=1840905777

Request Chain 32

https://mc.yandex.ru/watch/50429956?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200316095513%3Aet%3A1584348914%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A168303815%3Ahid%3A833599255%3Ads%3A0%2C0%2C329%2C1%2C1279%2C0%2C0%2C218%2C0%2C%2C%2C%2C1829%3Afp%3A1740%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1584348914%3Au%3A1584348914189884433%3At%3ALogin%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com HTTP 302
https://mc.yandex.ru/watch/50429956/1?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200316095513%3Aet%3A1584348914%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A168303815%3Ahid%3A833599255%3Ads%3A0%2C0%2C329%2C1%2C1279%2C0%2C0%2C218%2C0%2C%2C%2C%2C1829%3Afp%3A1740%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1584348914%3Au%3A1584348914189884433%3At%3ALogin%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
www.rentalcover.com/
Redirect Chain

http://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBUIN8-2FAPFW8wgIl2qmu6Nn4x4rb5A1elKMgku65NBEYHD6hZIu-2FxWXmhGT6R3fNaRx1uWOYY-2FS3kT79YKl4Sx9gL...
https://email.rentalcover.com/ls/click?upn=WybKipc5asTTQ4Y49VRY3hGvoYH7hQl8BiiETAnBdgRDLHve-2FQBdZekpooHBUIN8-2FAPFW8wgIl2qmu6Nn4x4rb5A1elKMgku65NBEYHD6hZIu-2FxWXmhGT6R3fNaRx1uWOYY-2FS3kT79YKl4Sx9g...
https://www.rentalcover.com/payment/N5JS-ITEF-INS/?utm_medium=email&utm_source=transactional&utm_content=canadianres&utm_campaign=SINGLETRIP_CANCELLATION_PARTNER&booking=N5JS-ITEF-INS&_lang=en&coup...
https://www.rentalcover.com/repurchase/N5JS-ITEF-INS
https://www.rentalcover.com/payment/FO34-0335-INS
https://www.rentalcover.com/auth

56 KB
14 KB

329ms
329ms

Document
text/html

2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1d8a117f164c7032dc63639ef23ea21eee6eeee3d2c119f29d3dc0d39c24f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' ; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://.jotfor.ms https://.jotform.co https://.fomo.com https://.keen.io https://.yandex.ru https://.nr-data.net https://.facebook.net https://.google-analytics.com https://.google.com https://.cloudfront.net https://.fullstory.com https://.newrelic.com https://.alphatec.net https://googleads.g.doubleclick.net https://.rentalcover.com https://.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://.zopim.com https://.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://.linksynergy.com https://intljs.rmtag.com https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://.zdassets.com https://.nr-data.net .braintreegateway.com www.paypalobjects.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://.fullstory.com https://.segment.io https://.alphatec.net https://stats.usefomo.com wss://.zopim.com https://.google-analytics.com https://.yandex.ru https://.trustpilot.com https://.brightwrite.com https://sentry.io https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://.zdassets.com https://.nr-data.net .braintreegateway.com .braintree-api.com https://api.stripe.com .amazonaws.com .cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://.vimeo.com https://.g.doubleclick.net https://.trustpilot.com .braintreegateway.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://.facebook.com https://.kayak.com https://.kayak.com.au https://.momondo.com.au https://.momondo.co.nz https://.momondo.com https://.hotelscombined.com.au https://.hotelscombined.co.nz https://.cheapflights.com.au https://.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.rentalcover.com
:scheme: https
:path: /auth
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d6235eaf067da434f878092a7d47d49da1584348911; sid=l8eol2tfebeabv285gmvbvgioc; rentalGuideBookingDetails=3b8aa9a59b661a8a9cfd8aa3acae4a577de53850s%3A44%3A%22%7B%22Destination%22%3A%22new-zealand%22%2C%22Country%22%3A%22NZ%22%7D%22%3B; bookingReference=944818fc09f43bcec71285dd1f15b2a0d060b27as%3A13%3A%22N5JS-ITEF-INS%22%3B
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 16 Mar 2020 08:55:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: YII_CSRF_TOKEN=5d5439e27ab47fc6de6197241272d60c52414d1c; expires=Tue, 17-Mar-2020 08:55:13 GMT; Max-Age=86400; path=/
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' *; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: *; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://*.jotfor.ms https://*.jotform.co https://*.fomo.com https://*.keen.io https://*.yandex.ru https://*.nr-data.net https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.cloudfront.net https://*.fullstory.com https://*.newrelic.com https://*.alphatec.net https://googleads.g.doubleclick.net https://*.rentalcover.com https://*.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://*.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://*.zopim.com https://*.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://*.linksynergy.com https://intljs.rmtag.com https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com www.paypalobjects.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://*.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://*.fullstory.com https://*.segment.io https://*.alphatec.net https://stats.usefomo.com wss://*.zopim.com https://*.google-analytics.com https://*.yandex.ru https://*.trustpilot.com https://*.brightwrite.com https://sentry.io https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com *.braintree-api.com https://api.stripe.com *.amazonaws.com *.cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://*.vimeo.com https://*.g.doubleclick.net https://*.trustpilot.com *.braintreegateway.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://*.facebook.com https://*.kayak.com https://*.kayak.com.au https://*.momondo.com.au https://*.momondo.co.nz https://*.momondo.com https://*.hotelscombined.com.au https://*.hotelscombined.co.nz https://*.cheapflights.com.au https://*.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, HEAD
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 574d41028f349748-FRA
content-encoding: gzip

Redirect headers

status: 302
date: Mon, 16 Mar 2020 08:55:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://www.rentalcover.com/auth
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' *; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: *; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://*.jotfor.ms https://*.jotform.co https://*.fomo.com https://*.keen.io https://*.yandex.ru https://*.nr-data.net https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.cloudfront.net https://*.fullstory.com https://*.newrelic.com https://*.alphatec.net https://googleads.g.doubleclick.net https://*.rentalcover.com https://*.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://*.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://*.zopim.com https://*.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://*.linksynergy.com https://intljs.rmtag.com https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com www.paypalobjects.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://*.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://*.fullstory.com https://*.segment.io https://*.alphatec.net https://stats.usefomo.com wss://*.zopim.com https://*.google-analytics.com https://*.yandex.ru https://*.trustpilot.com https://*.brightwrite.com https://sentry.io https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com *.braintree-api.com https://api.stripe.com *.amazonaws.com *.cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://*.vimeo.com https://*.g.doubleclick.net https://*.trustpilot.com *.braintreegateway.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://*.facebook.com https://*.kayak.com https://*.kayak.com.au https://*.momondo.com.au https://*.momondo.co.nz https://*.momondo.com https://*.hotelscombined.com.au https://*.hotelscombined.co.nz https://*.cheapflights.com.au https://*.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
x-xss-protection: 1; mode=block
strict-transport-security: max-age=2592000; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, HEAD
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 574d41022ee49748-FRA

GET
H2 200 critical.css
www.rentalcover.com/themes/rentalcover/assets/css/ 218 KB
37 KB 73ms
72ms Stylesheet
text/css 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/themes/rentalcover/assets/css/critical.css?rev=1584345600

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

335ca630bd8fa39eddf31f2015b8b9d5881177a8f7de1299eb9164742bda49cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1867
cf-polished: origSize=223194
status: 200
vary: Accept-Encoding
last-modified: Mon, 16 Mar 2020 06:43:01 GMT
server: cloudflare
etag: W/"5e6f1ff5-367da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css
expires: Wed, 15 Apr 2020 08:24:06 GMT
cache-control: public, max-age=2678400, s-maxage=2592000
cf-ray: 574d4104990d9748-FRA
cf-bgj: minify

GET
H2 200 language.png
www.rentalcover.com/themes/rentalcover/assets/img/icons/ 491 B
633 B 73ms
72ms Image
image/png 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rentalcover.com/themes/rentalcover/assets/img/icons/language.png

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4fb3612c08af9f1b846a1395de3f38917a12f6844ff9a2a11a481722145544

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 118035
status: 200
vary: Accept-Encoding
content-length: 491
last-modified: Thu, 12 Mar 2020 05:48:18 GMT
server: cloudflare
etag: "5e69cd22-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
cache-control: public, max-age=2678400, s-maxage=2592000
accept-ranges: bytes
cf-ray: 574d4104990e9748-FRA
expires: Tue, 14 Apr 2020 00:07:58 GMT

GET
H2 200 w_hori.svg
files.rentalcover.com/img/rc-logo/ 18 KB
7 KB 98ms
25ms Image
image/svg+xml 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.rentalcover.com/img/rc-logo/w_hori.svg

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68cacdd08cceada492136babe49effb351c7ca3b78b7f06073773f36f742ba96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6527
x-amz-server-side-encryption: AES256
cf-ray: 574d410509669748-FRA
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 27 May 2019 01:19:47 GMT
server: cloudflare
etag: W/"d13a5ad8fca452db5e1b4971e8ead48c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zUhjaE1fJL0dpRQgJ8kyP12mVq9nmrJu
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: image/svg+xml
x-amz-cf-id: RBRHWVqPiz5OJtBH892kmd60jG6QhhwFEj984n8tZl14AEata0PKVg==

GET
H2 200 app.js Show response
www.rentalcover.com/themes/rentalcover/assets/js/ 1 MB
324 KB 20ms
19ms Script
application/javascript 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/themes/rentalcover/assets/js/app.js?rev=1584277200

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067f7f41c0d2b8069a39ecb54d73ba4a1321adb5454d25083f8454e138dc9769

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70070
cf-polished: origSize=1182323
status: 200
vary: Accept-Encoding
last-modified: Thu, 12 Mar 2020 05:48:18 GMT
server: cloudflare
etag: W/"5e69cd22-120a73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript
expires: Tue, 14 Apr 2020 13:27:23 GMT
cache-control: public, max-age=2678400, s-maxage=2592000
cf-ray: 574d4105196a9748-FRA
cf-bgj: minify

GET
H2 200 app.css
www.rentalcover.com/themes/rentalcover/assets/css/ 49 KB
10 KB 25ms
24ms Stylesheet
text/css 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/themes/rentalcover/assets/css/app.css?rev=1584345600

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62e9ae22a85b0246cc9bc89aee13b2c2e54dbb976e1ae2e4b70b111a258c3df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1867
cf-polished: origSize=49739
status: 200
vary: Accept-Encoding
last-modified: Mon, 16 Mar 2020 06:43:01 GMT
server: cloudflare
etag: W/"5e6f1ff5-c24b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css
expires: Wed, 15 Apr 2020 08:24:06 GMT
cache-control: public, max-age=2678400, s-maxage=2592000
cf-ray: 574d4105196b9748-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 11 KB
975 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad534d8c80acccd3c50afba5fe9e2a05bcbe548ab391fcb77c86429194fdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 08:55:13 GMT
server: ESF
date: Mon, 16 Mar 2020 08:55:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
33 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPB8M5K

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbcabc0fa60cc5b3ed72cb98902b2f98a7e60faba47d244025840ad99829b344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33486
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H/1.1 200
OK analytics.min.js Show response
d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/yqa2m7k7yz/ 371 KB
70 KB 121ms
15ms Script
text/javascript 13.225.84.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/yqa2m7k7yz/analytics.min.js
Requested by: Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.216 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-216.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e852ab29f2edee14e6831efa74b873d943cb02206ee7baebcf1f20a887d6bf20

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Gzr8ZIVNcaLUYEX_LZcPImmsaBBSEFER
Content-Encoding: gzip
Age: 292
X-Cache: Hit from cloudfront
Date: Mon, 16 Mar 2020 08:50:22 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 71131
Via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront), 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
Last-Modified: Fri, 13 Mar 2020 17:53:56 GMT
Server: AmazonS3
ETag: "a0c29ecf2b0bb828fc2a4ee103154eb4"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: FRA53-C1, FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: 8BMYQ6LGoBsmX610Vu9mbvfC7zc-JPzAPf1kSVLkFZD56Al_nWp2DA==

GET
H2 200 fs.js Show response
www.fullstory.com/s/ 181 KB
65 KB 35ms
13ms Script
application/javascript 2a00:1450:4001:821::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fullstory.com/s/fs.js

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

2648d4ee4ebeecd19a144a12358916f9c118238fab6efba9ec027c061ecfa68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 490
etag: "tnspHg"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: e8522bbc95dd26e2a4664d71a994e1df
cache-control: public, max-age=600
date: Mon, 16 Mar 2020 08:47:03 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 65824
expires: Mon, 16 Mar 2020 08:57:03 GMT

GET
H2 200 rc-font.ttf
www.rentalcover.com/themes/rentalcover/assets/fonts/rc-icon/ 36 KB
37 KB 24ms
23ms Font
application/octet-stream 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/themes/rentalcover/assets/fonts/rc-icon/rc-font.ttf

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e85f111e25b6dcdd7298a12cf37b5791de02809dd9da05937d2dd0e01e797e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/themes/rentalcover/assets/css/critical.css?rev=1584345600
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 118034
status: 200
vary: Accept-Encoding
content-length: 37256
last-modified: Thu, 12 Mar 2020 05:48:18 GMT
server: cloudflare
etag: "5e69cd22-9188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/octet-stream
cache-control: public, max-age=2678400, s-maxage=2592000
accept-ranges: bytes
cf-ray: 574d4105297f9748-FRA
expires: Tue, 14 Apr 2020 00:07:59 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 30ms
17ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB8M5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9953
x-xss-protection: 0
server: cafe
etag: 242256469415106277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H2 200 bw.js Show response
c.brightwrite.com/rentalcover_generic/ 70 KB
25 KB 53ms
15ms Script
text/javascript 143.204.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.brightwrite.com/rentalcover_generic/bw.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB8M5K
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-118.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56cc8f182436220fd8a767125a1803278ed01f05461fa459fb511fad1366bafd

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 03:39:06 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2017 04:45:58 GMT
server: AmazonS3
age: 18968
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: p7VUvudQ1vFPCH06LqbQ4_fC4-qFb4w0ijgGVItyOhSBI7fol-EzqA==
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 44ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:12 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 04:51:11 GMT
x-msedge-ref: Ref A: 167A53E16C924490AAB5E38310A7E3F4 Ref B: FRAEDGE0210 Ref C: 2020-03-16T08:55:13Z
access-control-allow-origin: *
etag: "8094a4f3f8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7446

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 363 KB
92 KB 159ms
79ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

4dab9ed34f74ced7d78bdb6c934a4f3da29b22a481afe408e4a59786fab6dd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 16 Mar 2020 08:55:13 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Mar 2020 15:04:37 GMT
Server: nginx/1.14.2
ETag: "5e67ac85-16ecc"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93900
Expires: Mon, 16 Mar 2020 09:55:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: CUdJWeMLsm0CMj2HK8KKfLYf0vFPpK4FRMvy3+1pGD//NatphJ58uJ8m4E4/EE0CQIUKMf0JdPQ4c5PVQPnkGA==
x-fb-trip-id: 1850256238
date: Mon, 16 Mar 2020 08:55:13 GMT, Mon, 16 Mar 2020 08:55:13 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 118371.ct.js Show response
intljs.rmtag.com/ 63 KB
21 KB 88ms
32ms Script
text/javascript 34.102.147.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://intljs.rmtag.com/118371.ct.js
Requested by: Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.102.147.248 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 493eeadb93f49163570e0eca71e1d991c9b7a667d3cdc460714a2b4240519aff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
last-modified: Mon, 16 Mar 2020 08:55:13 GMT
x-cache: hit
x-samesite: secure
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-type: text/javascript
alt-svc: clear
via: 1.1 google

GET
H2 200 client-sdk.min.js Show response
cdn.brightwrite.com/ 210 KB
56 KB 57ms
10ms Script
application/javascript 2600:9000:21f3:e00:1d:5b69:7840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brightwrite.com/client-sdk.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB8M5K
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:e00:1d:5b69:7840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3f4884353eed0177a24a9e9b3a9ea055d067bd87935efb8e822a9d3e8f73f03

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:25:55 GMT
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 04:57:21 GMT
server: AmazonS3
age: 1759
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: OzzvZ.pVy0lOFNvFxtQY_WnbH5gacug5
status: 200
cache-control: max-age=3600,
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: WIBifAVWnGEC4OhJLDU0TS9mac8J8esYo6XdmRb_fojmhzYdjCUl0A==
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1190292/ 61 KB
21 KB 124ms
107ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1190292/tfa.js
Requested by: Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4187dcf935dcb1b180fdb44cf38524906aa6da4a915a38f9b57dab83229b708

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 5b_uEVqY_D.Xovqlmbs7s6d0AC3ETh9w
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Mon, 16 Mar 2020 08:55:13 GMT
x-amz-replication-status: COMPLETED
content-length: 20914
x-amz-id-2: Gqd/3zQ/a8zJ2NijX6x95Mdc/LABrL74g8TuJ/++odnCrmeqQY6YaS/iPzlsaEEZpmYIGGuTAtk=
x-served-by: cache-fra19139-FRA
last-modified: Wed, 29 Jan 2020 13:42:13 GMT
server: AmazonS3
x-timer: S1584348914.543341,VS0,VE99
etag: "acf7ed475d522656e309b2fc8892271c"
vary: Accept-Encoding
x-amz-request-id: 87C60C14A4029CF1
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 1

POST
H2 200 page Show response
rs.fullstory.com/rec/ 3 KB
3 KB 413ms
399ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d6812832b158ba7b85d0899d8b7763e08f8981f55b78763b3aa5c841ea5c533c

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Mon, 16 Mar 2020 08:55:13 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-origin: https://www.rentalcover.com
alt-svc: clear
content-type: application/json; charset=utf-8

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:35:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 1772365
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:35:48 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:08:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 4574812
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:08:21 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Mar 2020 13:13:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:37 GMT
server: sffe
age: 1194113
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13560
x-xss-protection: 0
expires: Tue, 02 Mar 2021 13:13:20 GMT

GET
H2 200 598819700539379 Show response
connect.facebook.net/signals/config/ 447 KB
114 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/598819700539379?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26291c3079ef8efb223c61f62f29384f56359a72417d8ef47c2c5cf080a86eac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: alXcoQCDWRy4wJdcXZZi63JWixDyj5b1uSO0iBwyJCHSUAq8kZR34ya1sWdk4a9uZUkGnKognrbhVFQm4FrAnw==
x-fb-trip-id: 1850256238
date: Mon, 16 Mar 2020 08:55:13 GMT, Mon, 16 Mar 2020 08:55:13 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/989856927/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989856927/?random=1584348913659&cv=9&fst=1584348913659&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&tiba=Login%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19707c12384e889e46af1141fa4b08be956e0acf2036a1a0ca8ff20434ae53ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5214943&Ver=2&mid=f33ccc28-434c-5d64-5059-d998a920b549&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Login%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com&p=https%3A%2F%2Fwww.rentalcover.com%2Fauth&r=&lt=1829&evt=pageLoad&msclkid=N&rn=478601
Requested by: Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Mon, 16 Mar 2020 08:55:12 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 398776ED54764A28A6932BD59FB87295 Ref B: FRAEDGE0210 Ref C: 2020-03-16T08:55:13Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
144 B 544ms
181ms XHR
application/json 54.68.60.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/yqa2m7k7yz/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.60.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-60-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Mon, 16 Mar 2020 08:55:14 GMT
access-control-allow-origin: https://www.rentalcover.com
content-length: 21
vary: Origin
content-type: application/json

GET
H/1.1 200
OK keen.min.js Show response
d26b395fwzu5fz.cloudfront.net/3.4.0/ 95 KB
28 KB 50ms
9ms Script
application/javascript 143.204.98.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26b395fwzu5fz.cloudfront.net/3.4.0/keen.min.js
Requested by: Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/yqa2m7k7yz/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.220 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-220.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 534972535857da19c617c937441986146c8ebd0e296c76bab752127bfefe8fee

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 08 Dec 2019 02:46:47 GMT
Content-Encoding: gzip
Age: 8575707
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 27928
Last-Modified: Thu, 18 Feb 2016 04:32:40 GMT
Server: AmazonS3
ETag: "f159d4c6f56cd95b3aa7e91296886cfd"
Content-Type: application/javascript
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000000, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: uCyAlYYZxLLLHZCMBhPNfR6YezqU3qlSLWxgXlTD9RdwYDrKzf4aEw==
Expires: Fri, 17 Feb 2017 04:32:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d2dq2ahtl5zl1z.cloudfront.net
URL: https://d2dq2ahtl5zl1z.cloudfront.net/analytics.js/v1/yqa2m7k7yz/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1301
date: Mon, 16 Mar 2020 08:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 16 Mar 2020 10:33:32 GMT

GET
H2 200 jsp Show response
ut.ra.linksynergy.com/ 131 B
371 B 34ms
17ms Script
text/javascript 35.241.23.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.ra.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by: Host: intljs.rmtag.com
URL: https://intljs.rmtag.com/118371.ct.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.23.116 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.23.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 88f251f8d632f2640c2e0219b36cfc3c474006d8f200619eae1a6cda94717368

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
p3p: CP="NOI BUS NID DSP COR"
status: 200
content-type: text/javascript
alt-svc: clear
content-length: 131
via: 1.1 google

GET
H2 200 /
www.google.com/pagead/1p-user-list/989856927/ 42 B
297 B 22ms
22ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/989856927/?random=1584348913659&cv=9&fst=1584345600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&frm=0&url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&tiba=Login%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com&async=1&fmt=3&is_vtc=1&random=233897449&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 08:55:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/989856927/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/989856927/?random=1584348913659&cv=9&fst=1584345600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&frm=0&url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&tiba=Login%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com&async=1&fmt=3&is_vtc=1&random=233897449&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 08:55:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1994085935&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rentalcover.com%2Fauth&ul=en-us&de=UTF-8&dt=Login%20to%20RentalCover.com%20%E2%80%94%20Rental...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_gid=611347334.1584348914&gjid=784064262&_v=j81&z=132499240
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_v=j81&z=132499240
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_v=j81&z=132499240&slf_rd=1&random=1840905777

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_v=j81&z=132499240&slf_rd=1&random=1840905777

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Mar 2020 08:55:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Mar 2020 08:55:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43138925-1&cid=1250770503.1584348914&jid=1519340301&_v=j81&z=132499240&slf_rd=1&random=1840905777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/50429956/
Redirect Chain

https://mc.yandex.ru/watch/50429956?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2...
https://mc.yandex.ru/watch/50429956/1?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3...

0
-1 B

40ms
40ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/50429956/1?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200316095513%3Aet%3A1584348914%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A168303815%3Ahid%3A833599255%3Ads%3A0%2C0%2C329%2C1%2C1279%2C0%2C0%2C218%2C0%2C%2C%2C%2C1829%3Afp%3A1740%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1584348914%3Au%3A1584348914189884433%3At%3ALogin%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 08:55:13 GMT
Last-Modified: Mon, 16-Mar-2020 08:55:13 GMT
Server: nginx/1.14.2
Location: /watch/50429956/1?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200316095513%3Aet%3A1584348914%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A168303815%3Ahid%3A833599255%3Ads%3A0%2C0%2C329%2C1%2C1279%2C0%2C0%2C218%2C0%2C%2C%2C%2C1829%3Afp%3A1740%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1584348914%3Au%3A1584348914189884433%3At%3ALogin%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://www.rentalcover.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Mar-2020 08:55:13 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 08:55:13 GMT
Last-Modified: Mon, 16-Mar-2020 08:55:13 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://www.rentalcover.com
Strict-Transport-Security: max-age=31536000
Location: /watch/50429956/1?wmode=7&page-url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&charset=utf-8&browser-info=ti%3A10%3Ans%3A1584348911764%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200316095513%3Aet%3A1584348914%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A168303815%3Ahid%3A833599255%3Ads%3A0%2C0%2C329%2C1%2C1279%2C0%2C0%2C218%2C0%2C%2C%2C%2C1829%3Afp%3A1740%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1584348914%3Au%3A1584348914189884433%3At%3ALogin%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Mar-2020 08:55:13 GMT

GET
H2 200 620487915147943 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/620487915147943?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baf24470d112b3980899cc56e416523e115f607726eaf8d89b0b715897ad01b6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114946
x-xss-protection: 0
pragma: public
x-fb-debug: xdO+u0LvZeq7wN/5sGtCCk4eypoEatFOGkbKuAAIb+aieI7j7dMfhNczbD/7Q6/6iEObDgBH9MN2sl3WF2h9yw==
x-fb-trip-id: 1850256238
date: Mon, 16 Mar 2020 08:55:13 GMT, Mon, 16 Mar 2020 08:55:13 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
348 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=598819700539379&ev=PageView&dl=https%3A%2F%2Fwww.rentalcover.com%2Fauth&rl=&if=false&ts=1584348913860&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1584348913859.856511350&it=1584348913656&coo=false&rqm=GET

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT, Mon, 16 Mar 2020 08:55:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 49ms
40ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 08:55:13 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 16 Mar 2020 09:55:13 GMT

GET
H2 200 jsapi Show response
www.google.com/ 26 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/jsapi

Requested by

Host: d26b395fwzu5fz.cloudfront.net
URL: https://d26b395fwzu5fz.cloudfront.net/3.4.0/keen.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f5aeae6c6ef3afa10681c4216eabc616547959e7808bfa32abeb6e4dc3f0641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
vary: Accept-Encoding
cache-control: private, max-age=3600, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6424
x-xss-protection: 1; mode=block
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H2 201 / Show response
api3.brightwrite.com/js/events/ 42 B
261 B 82ms
60ms Fetch
image/gif 35.244.139.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api3.brightwrite.com/js/events/?fingerprint=71022234e81c7493bb7cf496c2aa8e44&timestamp=2020-3-16%209%3A55%3A13&page_url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&screen_size=1600x1200&language=en-US&num_plugins=0&referrer_url=&session_id=925e7ffa-1161-48db-84a4-ee7e0af45d92&user_id=5ce904e8-0c99-467b-90eb-0c97bd1a882d&action_name=pv&sdk_version=0.1.0

Requested by

Host: cdn.brightwrite.com
URL: https://cdn.brightwrite.com/client-sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.244.139.140 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

140.139.244.35.bc.googleusercontent.com

Software

gunicorn/19.8.1 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 201
date: Mon, 16 Mar 2020 08:55:13 GMT
via: 1.1 google
vary: Cookie, Origin
server: gunicorn/19.8.1
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.rentalcover.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 42

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/50429956/ 152 B
707 B 87ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

ebdafcb20e92ab72e1cc70e88055fb3f74bdc6591473ede0ad0b7f6ce0e2a530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Mar 2020 08:55:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16-Mar-2020 08:55:13 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.rentalcover.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Mar-2020 08:55:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=620487915147943&ev=PageView&dl=https%3A%2F%2Fwww.rentalcover.com%2Fauth&rl=&if=false&ts=1584348913899&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1584348913859.856511350&it=1584348913656&coo=false&rqm=GET

Requested by

Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT, Mon, 16 Mar 2020 08:55:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H2 200 / Show response
www.google.com/uds/ 732 B
415 B 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/?file=visualization&v=1.1&packages=corechart%2Ctable&async=2

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9df868b920f06bc9415fd8b170845984d461e3c4f46d74d2256c0cb37d18518c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
vary: Accept-Encoding
cache-control: private, max-age=3600, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 337
x-xss-protection: 1; mode=block
expires: Mon, 16 Mar 2020 08:55:13 GMT

GET
H2 200 fs.js Show response
www.fullstory.com/s/ Frame C5EC 181 KB
65 KB 36ms
14ms Script
application/javascript 2a00:1450:4001:821::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fullstory.com/s/fs.js

Requested by

Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

2648d4ee4ebeecd19a144a12358916f9c118238fab6efba9ec027c061ecfa68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.rentalcover.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 491
etag: "tnspHg"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: e8522bbc95dd26e2a4664d71a994e1df
cache-control: public, max-age=600
date: Mon, 16 Mar 2020 08:47:03 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 65824
expires: Mon, 16 Mar 2020 08:57:03 GMT

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
94 B 185ms
185ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=34DW0&UserId=4835815736705024&SessionId=6655411213008896&PageId=5094204962209792&Seq=1&PageStart=1584348913754&PrevBundleTime=0&LastActivity=446&IsNewSession=true
Requested by: Host: cdn.brightwrite.com
URL: https://cdn.brightwrite.com/client-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b307caf1063bbfb51c6528e822b66fcb962e88977c17296bc819df404b09db8b

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Mar 2020 08:55:14 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rentalcover.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

GET
H2 200 ui+en,table+en.css
www.google.com/uds/api/visualization/1.1/760702f7b56bd967c887f2c9118815e6/ 16 KB
3 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/visualization/1.1/760702f7b56bd967c887f2c9118815e6/ui+en,table+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3c9630e5bb5208f8aeff2843ff5179e6e36ab06fe29c5bfb86ebd67292b9c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 05 Feb 2020 05:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: GSE
age: 3468547
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
vary: Accept-Encoding
content-length: 3064
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 05:26:06 GMT

GET
H2 200 webfontloader,format+en,default+en,ui+en,table+en,corechart+en.I.js Show response
www.google.com/uds/api/visualization/1.1/760702f7b56bd967c887f2c9118815e6/ 952 KB
303 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/visualization/1.1/760702f7b56bd967c887f2c9118815e6/webfontloader,format+en,default+en,ui+en,table+en,corechart+en.I.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1171764bc64a8adfe0ee5fbd0606ce1e5a9125a463b5029904420c66440c5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 21:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: GSE
age: 1770293
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Tue, 23 Feb 2021 21:10:20 GMT

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 8ms
8ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: www.rentalcover.com
URL: https://www.rentalcover.com/auth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 16 Mar 2020 08:55:14 GMT
content-encoding: gzip
x-amz-request-id: 9F168BA697B778D0
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by: cache-hhn4044-HHN
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1584348914.052677,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14732

GET
H2 200 getipcountry Show response
www.rentalcover.com/ 58 B
2 KB 49ms
49ms XHR
application/json 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/getipcountry

Requested by

Host: cdn.brightwrite.com
URL: https://cdn.brightwrite.com/client-sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5f4edb2a93729976d6dc989db2be75c1d67f8cd7d508c675bff353de1f0421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' ; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://.jotfor.ms https://.jotform.co https://.fomo.com https://.keen.io https://.yandex.ru https://.nr-data.net https://.facebook.net https://.google-analytics.com https://.google.com https://.cloudfront.net https://.fullstory.com https://.newrelic.com https://.alphatec.net https://googleads.g.doubleclick.net https://.rentalcover.com https://.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://.zopim.com https://.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://.linksynergy.com https://intljs.rmtag.com https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://.zdassets.com https://.nr-data.net .braintreegateway.com www.paypalobjects.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://.fullstory.com https://.segment.io https://.alphatec.net https://stats.usefomo.com wss://.zopim.com https://.google-analytics.com https://.yandex.ru https://.trustpilot.com https://.brightwrite.com https://sentry.io https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://.zdassets.com https://.nr-data.net .braintreegateway.com .braintree-api.com https://api.stripe.com .amazonaws.com .cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://.vimeo.com https://.g.doubleclick.net https://.trustpilot.com .braintreegateway.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://.facebook.com https://.kayak.com https://.kayak.com.au https://.momondo.com.au https://.momondo.co.nz https://.momondo.com https://.hotelscombined.com.au https://.hotelscombined.co.nz https://.cheapflights.com.au https://.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.rentalcover.com/auth
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Mar 2020 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'self' https://*.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' *; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: *; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://*.jotfor.ms https://*.jotform.co https://*.fomo.com https://*.keen.io https://*.yandex.ru https://*.nr-data.net https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.cloudfront.net https://*.fullstory.com https://*.newrelic.com https://*.alphatec.net https://googleads.g.doubleclick.net https://*.rentalcover.com https://*.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://*.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://*.zopim.com https://*.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://*.linksynergy.com https://intljs.rmtag.com https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com www.paypalobjects.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://*.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://*.fullstory.com https://*.segment.io https://*.alphatec.net https://stats.usefomo.com wss://*.zopim.com https://*.google-analytics.com https://*.yandex.ru https://*.trustpilot.com https://*.brightwrite.com https://sentry.io https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com *.braintree-api.com https://api.stripe.com *.amazonaws.com *.cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://*.vimeo.com https://*.g.doubleclick.net https://*.trustpilot.com *.braintreegateway.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://*.facebook.com https://*.kayak.com https://*.kayak.com.au https://*.momondo.com.au https://*.momondo.co.nz https://*.momondo.com https://*.hotelscombined.com.au https://*.hotelscombined.co.nz https://*.cheapflights.com.au https://*.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
cf-ray: 574d4108dcaf9748-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK i
dc.brightwrite.com/ 43 B
466 B 1321ms
321ms Image
image/gif 13.238.4.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc.brightwrite.com/i?stm=1584348914057&e=pv&url=https%3A%2F%2Fwww.rentalcover.com%2Fauth&page=Login%20to%20RentalCover.com%20%E2%80%94%20RentalCover.com&tv=js-2.7.2&tna=bw&aid=datacollector&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=7098e8e7-f4b1-47ee-a02c-09b4db1cd055&dtm=1584348914055&vp=1600x1200&ds=1585x1592&vid=1&sid=9bef687d-296e-420b-952c-be9aa2a9e1c6&duid=ed08dc8c-2dc4-4160-ac1a-bd997e131f59&fp=9134934&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy93ZWJfcGFnZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJpZCI6ImMyMWQ5ZTIyLTRjZWMtNDY1MC1hMzAyLTgyZjRkOTNkYjc0OCJ9fSx7InNjaGVtYSI6ImlnbHU6b3JnLnczL1BlcmZvcm1hbmNlVGltaW5nL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Im5hdmlnYXRpb25TdGFydCI6MTU4NDM0ODkxMTc2NCwidW5sb2FkRXZlbnRTdGFydCI6MCwidW5sb2FkRXZlbnRFbmQiOjAsInJlZGlyZWN0U3RhcnQiOjAsInJlZGlyZWN0RW5kIjowLCJmZXRjaFN0YXJ0IjoxNTg0MzQ4OTEzMDQzLCJkb21haW5Mb29rdXBTdGFydCI6MTU4NDM0ODkxMzA0MywiZG9tYWluTG9va3VwRW5kIjoxNTg0MzQ4OTEzMDQzLCJjb25uZWN0U3RhcnQiOjE1ODQzNDg5MTMwNDMsImNvbm5lY3RFbmQiOjE1ODQzNDg5MTMwNDMsInNlY3VyZUNvbm5lY3Rpb25TdGFydCI6MCwicmVxdWVzdFN0YXJ0IjoxNTg0MzQ4OTEzMDQzLCJyZXNwb25zZVN0YXJ0IjoxNTg0MzQ4OTEzMzcyLCJyZXNwb25zZUVuZCI6MTU4NDM0ODkxMzM3MywiZG9tTG9hZGluZyI6MTU4NDM0ODkxMzM3NSwiZG9tSW50ZXJhY3RpdmUiOjE1ODQzNDg5MTM1OTMsImRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0IjoxNTg0MzQ4OTEzNTkzLCJkb21Db250ZW50TG9hZGVkRXZlbnRFbmQiOjE1ODQzNDg5MTM1OTMsImRvbUNvbXBsZXRlIjoxNTg0MzQ4OTE0MDUxLCJsb2FkRXZlbnRTdGFydCI6MTU4NDM0ODkxNDA1MSwibG9hZEV2ZW50RW5kIjowfX1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.238.4.254 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-238-4-254.ap-southeast-2.compute.amazonaws.com
Software: spray-can/1.3.3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 16 Mar 2020 08:55:15 GMT
Server: spray-can/1.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK fa6c04a6e6 Show response
bam.nr-data.net/1/ 57 B
275 B 103ms
103ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/fa6c04a6e6?a=283592186&v=1167.2a4546b&to=bwNQMhRSW0oCURJbWlZJZxQPHFxXB1ceHEVQFg%3D%3D&rst=2301&ref=https://www.rentalcover.com/auth&ap=297&be=1615&fe=2288&dc=1829&perf=%7B%22timing%22:%7B%22of%22:1584348911764,%22n%22:0,%22f%22:1279,%22dn%22:1279,%22dne%22:1279,%22c%22:1279,%22ce%22:1279,%22rq%22:1279,%22rp%22:1608,%22rpe%22:1609,%22dl%22:1611,%22di%22:1829,%22ds%22:1829,%22de%22:1829,%22dc%22:2287,%22l%22:2287,%22le%22:2295%7D,%22navigation%22:%7B%7D%7D&fp=1740&fcp=1740&at=Q0RTRFxISEQ%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.rentalcover.com/auth
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 checkResponseGDPRBanner Show response
www.rentalcover.com/ 47 B
226 B 43ms
42ms XHR
application/json 2606:4700:10::6814:f71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rentalcover.com/checkResponseGDPRBanner

Requested by

Host: cdn.brightwrite.com
URL: https://cdn.brightwrite.com/client-sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:10::6814:f71f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af063fa54681d9b74ba8b01b8249febba48c82d6eb3dc745a3313419c6c571fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' ; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://.jotfor.ms https://.jotform.co https://.fomo.com https://.keen.io https://.yandex.ru https://.nr-data.net https://.facebook.net https://.google-analytics.com https://.google.com https://.cloudfront.net https://.fullstory.com https://.newrelic.com https://.alphatec.net https://googleads.g.doubleclick.net https://.rentalcover.com https://.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://.zopim.com https://.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://.linksynergy.com https://intljs.rmtag.com https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://.zdassets.com https://.nr-data.net .braintreegateway.com www.paypalobjects.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://.fullstory.com https://.segment.io https://.alphatec.net https://stats.usefomo.com wss://.zopim.com https://.google-analytics.com https://.yandex.ru https://.trustpilot.com https://.brightwrite.com https://sentry.io https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://.zdassets.com https://.nr-data.net .braintreegateway.com .braintree-api.com https://api.stripe.com .amazonaws.com .cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://.vimeo.com https://.g.doubleclick.net https://.trustpilot.com .braintreegateway.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://.facebook.com https://.kayak.com https://.kayak.com.au https://.momondo.com.au https://.momondo.co.nz https://.momondo.com https://.hotelscombined.com.au https://.hotelscombined.co.nz https://.cheapflights.com.au https://.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.rentalcover.com/auth
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Mar 2020 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'self' https://*.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' *; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: *; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://*.jotfor.ms https://*.jotform.co https://*.fomo.com https://*.keen.io https://*.yandex.ru https://*.nr-data.net https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.cloudfront.net https://*.fullstory.com https://*.newrelic.com https://*.alphatec.net https://googleads.g.doubleclick.net https://*.rentalcover.com https://*.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://*.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://*.zopim.com https://*.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://*.linksynergy.com https://intljs.rmtag.com https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com www.paypalobjects.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://*.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://*.fullstory.com https://*.segment.io https://*.alphatec.net https://stats.usefomo.com wss://*.zopim.com https://*.google-analytics.com https://*.yandex.ru https://*.trustpilot.com https://*.brightwrite.com https://sentry.io https://*.xpay.xcover.com https://*.covergenius.com https://*.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://*.zdassets.com https://*.nr-data.net *.braintreegateway.com *.braintree-api.com https://api.stripe.com *.amazonaws.com *.cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://*.vimeo.com https://*.g.doubleclick.net https://*.trustpilot.com *.braintreegateway.com c.paypal.com *.cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://*.facebook.com https://*.kayak.com https://*.kayak.com.au https://*.momondo.com.au https://*.momondo.co.nz https://*.momondo.com https://*.hotelscombined.com.au https://*.hotelscombined.co.nz https://*.cheapflights.com.au https://*.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
cf-ray: 574d41092d199748-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
91 B 126ms
125ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=34DW0&UserId=4835815736705024&SessionId=6655411213008896&PageId=5094204962209792&Seq=2&PageStart=1584348913754&PrevBundleTime=1584348914042&LastActivity=4849&IsNewSession=true
Requested by: Host: cdn.brightwrite.com
URL: https://cdn.brightwrite.com/client-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f1dcfc037a03a4eb7f54f38a8c6e6debcae4b1d45944de65c18de9027e7bc36d

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Mar 2020 08:55:19 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rentalcover.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

POST
H/1.1 200
OK fa6c04a6e6 Show response
bam.nr-data.net/events/1/ 24 B
186 B 103ms
103ms XHR
image/gif 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/fa6c04a6e6?a=283592186&v=1167.2a4546b&to=bwNQMhRSW0oCURJbWlZJZxQPHFxXB1ceHEVQFg%3D%3D&rst=12301&ref=https://www.rentalcover.com/auth
Requested by: Host: cdn.brightwrite.com
URL: https://cdn.brightwrite.com/client-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.rentalcover.com/auth
Origin: https://www.rentalcover.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.rentalcover.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rentalcover.com/	1970-01-19 08:05:50	Name: _ym_visorc_50429956 Value: w
.rentalcover.com/	1970-01-19 16:51:24	Name: fs_uid Value: rs.fullstory.com#34DW0#4835815736705024:6655411213008896/1615884913
.rentalcover.com/	1970-01-19 08:07:00	Name: _ym_isad Value: 2
.rentalcover.com/	1970-01-19 10:15:24	Name: _fbp Value: fb.1.1584348913859.856511350
.rentalcover.com/	1970-01-19 16:51:24	Name: _ym_d Value: 1584348914
.rentalcover.com/	1970-01-19 16:51:24	Name: _ym_uid Value: 1584348914189884433
.rentalcover.com/	1970-01-19 08:05:48	Name: _gat Value: 1
.rentalcover.com/	1970-01-19 08:07:15	Name: _gid Value: GA1.2.611347334.1584348914
.rentalcover.com/	1970-01-20 01:37:00	Name: _bw_id.b41d Value: ed08dc8c-2dc4-4160-ac1a-bd997e131f59.1584348914.1.1584348914.1584348914.9bef687d-296e-420b-952c-be9aa2a9e1c6
.rentalcover.com/	1970-01-19 16:51:24	Name: ajs_group_id Value: null
.rentalcover.com/	1970-01-19 10:15:24	Name: _gcl_au Value: 1.1.873651487.1584348914
.rentalcover.com/	1970-01-19 16:51:24	Name: ajs_user_id Value: null
www.rentalcover.com/	1969-12-31 23:59:59	Name: bookingReference Value: 944818fc09f43bcec71285dd1f15b2a0d060b27as%3A13%3A%22N5JS-ITEF-INS%22%3B
.rentalcover.com/	1970-01-19 08:49:00	Name: __cfduid Value: d6235eaf067da434f878092a7d47d49da1584348911
.rentalcover.com/	1970-01-19 16:51:24	Name: ajs_anonymous_id Value: %226b8a94be-d52a-4a5a-a8c2-820c0f7c8574%22
.rentalcover.com/	1970-01-20 01:37:00	Name: _ga Value: GA1.2.1250770503.1584348914
www.rentalcover.com/	1970-01-19 08:07:15	Name: YII_CSRF_TOKEN Value: 5d5439e27ab47fc6de6197241272d60c52414d1c
www.rentalcover.com/	1970-01-19 12:25:00	Name: rentalGuideBookingDetails Value: 3b8aa9a59b661a8a9cfd8aa3acae4a577de53850s%3A44%3A%22%7B%22Destination%22%3A%22new-zealand%22%2C%22Country%22%3A%22NZ%22%7D%22%3B
.rentalcover.com/	1970-01-19 08:05:50	Name: _bw_ses.b41d Value: *
www.rentalcover.com/	1969-12-31 23:59:59	Name: sid Value: l8eol2tfebeabv285gmvbvgioc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.brightwrite.com/client-sdk.min.js(Line 1) Message: RMCMPW ex:TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.brightwrite.com/client-sdk.min.js(Line 1) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"page_view","id":1190292,"tim":1584348913728}'. TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.rentalcover.com; object-src 'self'; style-src 'unsafe-inline' ; img-src data: * assets.braintreegateway.com checkout.paypal.com; font-src data: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://r.turn.com https://fomo.com https://.jotfor.ms https://.jotform.co https://.fomo.com https://.keen.io https://.yandex.ru https://.nr-data.net https://.facebook.net https://.google-analytics.com https://.google.com https://.cloudfront.net https://.fullstory.com https://.newrelic.com https://.alphatec.net https://googleads.g.doubleclick.net https://.rentalcover.com https://.usefomo.com https://www.googletagmanager.com https://www.googleadservices.com https://komito.net https://.brightwrite.com https://bat.bing.com https://ajax.googleapis.com https://.zopim.com https://.trustpilot.com https://linksynergy.com https://track.linksynergy.com https://.linksynergy.com https://intljs.rmtag.com https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://.zdassets.com https://.nr-data.net .braintreegateway.com www.paypalobjects.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://.ccdc02.com https://cdnjs.cloudflare.com https://www.emjcd.com; connect-src 'self' https://.fullstory.com https://.segment.io https://.alphatec.net https://stats.usefomo.com wss://.zopim.com https://.google-analytics.com https://.yandex.ru https://.trustpilot.com https://.brightwrite.com https://sentry.io https://.xpay.xcover.com https://.covergenius.com https://.taboola.com https://www.gstatic.com https://firestore.googleapis.com https://rentalcover.zendesk.com https://.zdassets.com https://.nr-data.net .braintreegateway.com .braintree-api.com https://api.stripe.com .amazonaws.com .cardinalcommerce.com https://www.emjcd.com; media-src 'none'; frame-src 'self' https://.vimeo.com https://.g.doubleclick.net https://.trustpilot.com .braintreegateway.com c.paypal.com .cardinalcommerce.com https://js.stripe.com https://hooks.stripe.com https://.facebook.com https://.kayak.com https://.kayak.com.au https://.momondo.com.au https://.momondo.co.nz https://.momondo.com https://.hotelscombined.com.au https://.hotelscombined.co.nz https://.cheapflights.com.au https://.cheapflights.co.nz https://*.cheapflights.com https://www.emjcd.com https://cj.dotomi.com; worker-src 'self'; frame-ancestors 'self' https://rc.xcvr.co;
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
api3.brightwrite.com
bam.nr-data.net
bat.bing.com
c.brightwrite.com
cdn.brightwrite.com
cdn.taboola.com
connect.facebook.net
d26b395fwzu5fz.cloudfront.net
d2dq2ahtl5zl1z.cloudfront.net
dc.brightwrite.com
email.rentalcover.com
files.rentalcover.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
intljs.rmtag.com
js-agent.newrelic.com
mc.yandex.ru
rs.fullstory.com
stats.g.doubleclick.net
ut.ra.linksynergy.com
www.facebook.com
www.fullstory.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rentalcover.com
13.225.84.216
13.238.4.254
143.204.97.118
143.204.98.220
151.101.114.110
151.101.14.2
162.247.242.21
172.217.18.98
2600:9000:21f3:e00:1d:5b69:7840:93a1
2606:4700:10::6814:f71f
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:814::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2013
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.102.147.248
35.186.194.58
35.241.23.116
35.244.139.140
54.68.60.138
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
067f7f41c0d2b8069a39ecb54d73ba4a1321adb5454d25083f8454e138dc9769
0a4fb3612c08af9f1b846a1395de3f38917a12f6844ff9a2a11a481722145544
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
19707c12384e889e46af1141fa4b08be956e0acf2036a1a0ca8ff20434ae53ad
26291c3079ef8efb223c61f62f29384f56359a72417d8ef47c2c5cf080a86eac
2648d4ee4ebeecd19a144a12358916f9c118238fab6efba9ec027c061ecfa68e
332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b
335ca630bd8fa39eddf31f2015b8b9d5881177a8f7de1299eb9164742bda49cc
3f5aeae6c6ef3afa10681c4216eabc616547959e7808bfa32abeb6e4dc3f0641
493eeadb93f49163570e0eca71e1d991c9b7a667d3cdc460714a2b4240519aff
4dab9ed34f74ced7d78bdb6c934a4f3da29b22a481afe408e4a59786fab6dd96
534972535857da19c617c937441986146c8ebd0e296c76bab752127bfefe8fee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56cc8f182436220fd8a767125a1803278ed01f05461fa459fb511fad1366bafd
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2
62e9ae22a85b0246cc9bc89aee13b2c2e54dbb976e1ae2e4b70b111a258c3df2
66e85f111e25b6dcdd7298a12cf37b5791de02809dd9da05937d2dd0e01e797e
68cacdd08cceada492136babe49effb351c7ca3b78b7f06073773f36f742ba96
88f251f8d632f2640c2e0219b36cfc3c474006d8f200619eae1a6cda94717368
9df868b920f06bc9415fd8b170845984d461e3c4f46d74d2256c0cb37d18518c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
af063fa54681d9b74ba8b01b8249febba48c82d6eb3dc745a3313419c6c571fe
b307caf1063bbfb51c6528e822b66fcb962e88977c17296bc819df404b09db8b
b3f4884353eed0177a24a9e9b3a9ea055d067bd87935efb8e822a9d3e8f73f03
baf24470d112b3980899cc56e416523e115f607726eaf8d89b0b715897ad01b6
c3c9630e5bb5208f8aeff2843ff5179e6e36ab06fe29c5bfb86ebd67292b9c46
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1d8a117f164c7032dc63639ef23ea21eee6eeee3d2c119f29d3dc0d39c24f1
cf5f4edb2a93729976d6dc989db2be75c1d67f8cd7d508c675bff353de1f0421
d1171764bc64a8adfe0ee5fbd0606ce1e5a9125a463b5029904420c66440c5a7
d4187dcf935dcb1b180fdb44cf38524906aa6da4a915a38f9b57dab83229b708
d6812832b158ba7b85d0899d8b7763e08f8981f55b78763b3aa5c841ea5c533c
dbcabc0fa60cc5b3ed72cb98902b2f98a7e60faba47d244025840ad99829b344
e3ad534d8c80acccd3c50afba5fe9e2a05bcbe548ab391fcb77c86429194fdbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e852ab29f2edee14e6831efa74b873d943cb02206ee7baebcf1f20a887d6bf20
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebdafcb20e92ab72e1cc70e88055fb3f74bdc6591473ede0ad0b7f6ce0e2a530
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dcfc037a03a4eb7f54f38a8c6e6debcae4b1d45944de65c18de9027e7bc36d
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

www.rentalcover.com Open in urlscan Pro 2606:4700:10::6814:f71f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

54 %IPv6

22 Domains

30 Subdomains

27 IPs

6 Countries

1570 kBTransfer

5414 kBSize

20 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rentalcover.com Open in urlscan Pro
2606:4700:10::6814:f71f Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

54 %
IPv6

22
Domains

30
Subdomains

27
IPs

6
Countries

1570 kB
Transfer

5414 kB
Size

20
Cookies

53 HTTP transactions
0 data transactions