findquoteusa.com Open in urlscan Pro
162.241.253.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3AKb5uB#cl/59209_md/1/12395/2806/523/76500
Effective URL:
https://findquoteusa.com/sorry-blocked.html
Submission: On October 21 via api (October 21st 2021, 6:23:35 pm UTC) from BE — Scanned from DE

Summary HTTP 75 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 75 HTTP transactions. The main IP is 162.241.253.51, located in Brooklyn, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is findquoteusa.com.
TLS certificate: Issued by R3 on September 24th 2021. Valid for: 3 months.

This is the only time findquoteusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 13	195.189.226.208 195.189.226.208	41018 (OMNILANCE...) (OMNILANCE omnilance.com)
4	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
1	104.26.7.173 104.26.7.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.99.173.141 172.99.173.141	398343 (BAXET-GROUP) (BAXET-GROUP)
1 1	34.224.106.237 34.224.106.237	14618 (AMAZON-AES) (AMAZON-AES)
14	162.241.253.51 162.241.253.51	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
2	13.224.193.36 13.224.193.36	16509 (AMAZON-02) (AMAZON-02)
3	34.230.161.187 34.230.161.187	14618 (AMAZON-AES) (AMAZON-AES)
6	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	172.67.146.92 172.67.146.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	54.237.189.41 54.237.189.41	14618 (AMAZON-AES) (AMAZON-AES)
1	172.67.41.229 172.67.41.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.90.22.61 54.90.22.61	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.109 143.204.98.109	16509 (AMAZON-02) (AMAZON-02)
3	18.133.97.68 18.133.97.68	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.13 143.204.98.13	16509 (AMAZON-02) (AMAZON-02)
1	54.84.106.162 54.84.106.162	14618 (AMAZON-AES) (AMAZON-AES)
5	104.89.36.174 104.89.36.174	16625 (AKAMAI-AS) (AKAMAI-AS)
75	19

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.189.226.208 (Ukraine) 1 redirects

ASN41018 (OMNILANCE omnilance.com, UA)
PTR: mail.saapo.de

castlo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.173 (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.99.173.141 (Atlanta, United States)

ASN398343 (BAXET-GROUP, US)
PTR: 172-99-173-141.telecomgroupdesign.com

elasticlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.106.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-106-237.compute-1.amazonaws.com

h2htrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 162.241.253.51 (Brooklyn, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5767.bluehost.com

findquoteusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-36.fra2.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.230.161.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-161-187.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.146.92 (United States)

ASN13335 (CLOUDFLARENET, US)

leads.digitalmediasolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.189.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-189-41.compute-1.amazonaws.com

core.platform.ue.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.229 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.90.22.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-22-61.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.109 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-109.fra50.r.cloudfront.net

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.133.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.106.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-106-162.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.89.36.174 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-36-174.deploy.static.akamaitechnologies.com

www.nextinsure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	findquoteusa.com findquoteusa.com	593 KB
13	castlo.de 1 redirects castlo.de	358 KB
7	gstatic.com fonts.gstatic.com	131 KB
6	google-analytics.com www.google-analytics.com	20 KB
6	pushnami.com api.pushnami.com trc.pushnami.com psp.pushnami.com Failed	19 KB
5	nextinsure.com www.nextinsure.com	586 KB
4	anura.io script.anura.io ads.anura.io	18 KB
4	googletagmanager.com www.googletagmanager.com	192 KB
4	googleapis.com fonts.googleapis.com	4 KB
2	trustedform.com 1 redirects api.trustedform.com cdn.trustedform.com	6 KB
2	ue.co core.platform.ue.co	8 KB
2	digitalmediasolutions.com leads.digitalmediasolutions.com	2 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	h2htrk.com 1 redirects h2htrk.com	637 B
1	elasticlines.com elasticlines.com	495 B
1	ionicframework.com code.ionicframework.com	9 KB
1	bit.ly 1 redirects bit.ly	243 B
0	leadid.com Failed create.leadid.com Failed
75	18

	Domain	Requested by
14	findquoteusa.com	elasticlines.com findquoteusa.com
13	castlo.de	1 redirects castlo.de
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com findquoteusa.com
5	www.nextinsure.com	findquoteusa.com www.nextinsure.com
4	www.googletagmanager.com	findquoteusa.com www.googletagmanager.com
4	fonts.googleapis.com	castlo.de findquoteusa.com www.nextinsure.com
3	script.anura.io	findquoteusa.com script.anura.io
3	trc.pushnami.com	api.pushnami.com
2	core.platform.ue.co	leads.digitalmediasolutions.com
2	leads.digitalmediasolutions.com	findquoteusa.com
2	api.pushnami.com	findquoteusa.com api.pushnami.com
1	psp.pushnami.com	api.pushnami.com
1	ads.anura.io	script.anura.io
1	cdn.trustedform.com	findquoteusa.com
1	api.trustedform.com	1 redirects api.trustedform.com
1	create.lidstatic.com	findquoteusa.com
1	h2htrk.com	1 redirects
1	elasticlines.com	castlo.de
1	code.ionicframework.com	castlo.de
1	bit.ly	1 redirects
0	create.leadid.com Failed	create.lidstatic.com
75	22

This site contains links to these domains. Also see Links.

Domain
www.findquoteusa.com
www.networkadvertising.org
www.d1.sc.omtrdc.net
rt.displaymarketplace.com
www.privacychoice.org
www.aboutads.info

Subject Issuer	Validity	Valid
elasticlines.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
findquoteusa.com R3	`2021-09-24` - `2021-12-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.platform.ue.co Amazon	`2021-01-06` - `2022-02-03`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
cdn.trustedform.com Amazon	`2021-05-14` - `2022-06-12`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
www.quinstreet.com GeoTrust RSA CA 2018	`2021-10-19` - `2022-09-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://findquoteusa.com/sorry-blocked.html
Frame ID: 98D203C8A26EF65B95B3D6ED9066ED9D
Requests: 72 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: EC4F954CDAAE99B3671A11991EC31100
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Find Insurance Quotes - Sorry

Page URL History Show full URLs

https://bit.ly/3AKb5uB HTTP 301
http://castlo.de/ Page URL
http://castlo.de/cl/59209_md/1/12395/2806/523/76500 HTTP 302
https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md Page URL
https://h2htrk.com/?a=1858&c=23505&s1=350789&s2=621104024 HTTP 302
https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal Page URL
https://findquoteusa.com/sorry-blocked.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

75
Requests

75 %
HTTPS

0 %
IPv6

18
Domains

22
Subdomains

19
IPs

3
Countries

1985 kB
Transfer

4143 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.findquoteusa.com/privacy/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.networkadvertising.org/managing/opt_out.asp
Title: Network Advertising Initiative

Search URL Search Domain Scan URL

URL: https://www.d1.sc.omtrdc.net/optout.html?omniture=1&popup=1&locale=en_US&second=1&second_has_cookie=0
Title: Omniture

Search URL Search Domain Scan URL

URL: http://rt.displaymarketplace.com/optout.html
Title: Aperture

Search URL Search Domain Scan URL

URL: http://www.privacychoice.org/privacymark
Title: PrivacyChoice

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: https://www.findquoteusa.com/ibterms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.findquoteusa.com/privacy/text-messaging.html
Title: Text Messaging Services Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3AKb5uB HTTP 301
http://castlo.de/ Page URL
http://castlo.de/cl/59209_md/1/12395/2806/523/76500 HTTP 302
https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md Page URL
https://h2htrk.com/?a=1858&c=23505&s1=350789&s2=621104024 HTTP 302
https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal Page URL
https://findquoteusa.com/sorry-blocked.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3AKb5uB HTTP 301
http://castlo.de/

Request Chain 14

http://castlo.de/cl/59209_md/1/12395/2806/523/76500 HTTP 302
https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md

Request Chain 15

https://h2htrk.com/?a=1858&c=23505&s1=350789&s2=621104024 HTTP 302
https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Request Chain 44

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16348406093530.852808226413825&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16348406093530.852808226413825&invert_field_sensitivity=false

75 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
castlo.de/
Redirect Chain

https://bit.ly/3AKb5uB
http://castlo.de/

16 KB
16 KB

82ms
41ms

Document
text/html

195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Host: castlo.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

server: nginx
date: Thu, 21 Oct 2021 18:23:24 GMT
content-type: text/html; charset=utf-8
content-length: 104
cache-control: private, max-age=90
content-security-policy: referrer always;
location: http://castlo.de/
referrer-policy: unsafe-url
set-cookie: _bit=l9lino-9f929e3caf00693031-009; Domain=bit.ly; Expires=Tue, 19 Apr 2022 18:23:24 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 24ms
17ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:400,300,700

Requested by

Host: castlo.de
URL: http://castlo.de/

Protocol

HTTP/1.1

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 21 Oct 2021 18:23:25 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
Expires: Thu, 21 Oct 2021 18:23:25 GMT

GET
H/1.1 200
OK ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 45ms
29ms Stylesheet
text/css 104.26.7.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 104.26.7.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Fastly-Request-ID: 70976580d2012b6f1514879dc46bfe1ea2121c32
Date: Thu, 21 Oct 2021 18:23:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 81470
X-Cache: HIT
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 8313
X-Served-By: cache-fra19157-FRA
Access-Control-Allow-Origin: *
Last-Modified: Thu, 29 Apr 2021 18:50:21 GMT
Server: cloudflare
X-GitHub-Request-Id: ED30:A231:55E236:5C1EF6:616D0344
X-Timer: S1634759136.537001,VS0,VE1
ETag: W/"608affed-c854"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7W6aaOOq8zABPYlQYfzWcmg8yzdysGO2cLZydcvE6QBM5E83Uhmov1SCJhM7Jlw8TzDMQIkSPcLp7pwOSBy2DStItHz4w3361YQQJts0IUcDiMEyv87VWDoPaYhf%2BWSF6VbMa6PW8EeJ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Via: 1.1 varnish
expires: Mon, 18 Oct 2021 05:26:53 GMT
Cache-Control: max-age=31536000
x-proxy-cache: MISS
Accept-Ranges: bytes
CF-RAY: 6a1c8455aa3c2780-PRG
x-origin-cache: HIT
X-Cache-Hits: 1

GET
H/1.1 200
OK bootstrap.min.css
castlo.de/css/ 111 KB
112 KB 72ms
52ms Stylesheet
text/css 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/css/bootstrap.min.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "1bd5b-539c3812a6b00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 114011

GET
H/1.1 200
OK font-awesome.min.css
castlo.de/css/ 21 KB
22 KB 86ms
45ms Stylesheet
text/css 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/css/font-awesome.min.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "55e0-539c3812a6b00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21984

GET
H/1.1 200
OK owl.carousel.css
castlo.de/css/ 5 KB
5 KB 86ms
45ms Stylesheet
text/css 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/css/owl.carousel.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "1206-539c3812a6b00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4614

GET
H/1.1 200
OK animate.css
castlo.de/css/ 73 KB
73 KB 86ms
45ms Stylesheet
text/css 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/css/animate.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "12279-539c3812a6b00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 74361

GET
H/1.1 200
OK main.css
castlo.de/css/ 17 KB
17 KB 87ms
46ms Stylesheet
text/css 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/css/main.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "4452-539c3812a6b00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17490

GET
H/1.1 200
OK responsive.css
castlo.de/css/ 2 KB
2 KB 87ms
46ms Stylesheet
text/css 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to

Full URL: http://castlo.de/css/responsive.css
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "80f-539c3812a6b00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2063

GET
H/1.1 200
OK logo.png
castlo.de/images/ 3 KB
3 KB 41ms
41ms Image
image/png 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://castlo.de/images/logo.png
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "b67-539c3812a6b00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2919

GET
H/1.1 200
OK logo-2.png
castlo.de/images/ 3 KB
3 KB 45ms
44ms Image
image/png 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://castlo.de/images/logo-2.png
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "c30-539c3812a6b00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3120

GET
H/1.1 200
OK 1.jpg
castlo.de/images/about/ 50 KB
51 KB 43ms
43ms Image
image/jpeg 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://castlo.de/images/about/1.jpg
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "c8c7-539c3812a6b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 51399

GET
H/1.1 200
OK 2.jpg
castlo.de/images/about/ 34 KB
34 KB 42ms
41ms Image
image/jpeg 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://castlo.de/images/about/2.jpg
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "889e-539c3812a6b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 34974

GET
H/1.1 200
OK 3.jpg
castlo.de/images/about/ 19 KB
19 KB 41ms
41ms Image
image/jpeg 195.189.226.208
OMNILANCE omnilan...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://castlo.de/images/about/3.jpg
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Server: 195.189.226.208 , Ukraine, ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS: mail.saapo.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: castlo.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://castlo.de/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Last-Modified: Thu, 11 Aug 2016 03:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "4c50-539c3812a6b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 19536

GET
H/1.1

200
OK

523_76500_12395_678373_md
elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/
Redirect Chain

http://castlo.de/cl/59209_md/1/12395/2806/523/76500
https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md

120 B
495 B

1218ms
582ms

Document
text/html

172.99.173.141
BAXET-GROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md
Requested by: Host: castlo.de
URL: http://castlo.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.99.173.141 Atlanta, United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS: 172-99-173-141.telecomgroupdesign.com
Software: Apache /
Resource Hash

Request headers

Host: elasticlines.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://castlo.de/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://castlo.de/#cl/59209_md/1/12395/2806/523/76500

Response headers

date: Thu, 21 Oct 2021 18:23:27 GMT
content-type: text/html; charset=UTF-8
server: Apache
set-cookie: uid2989=621104024-20211021142326-15c662f59f0f3391bdcfc4ad57150168-; domain=; expires=Sun, 21-Nov-2021 17:23:27 GMT; path=/; SameSite=None; Secure
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Date: Thu, 21 Oct 2021 18:23:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Location: https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md
Content-Length: 163
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2

200

insurance.php Show response
findquoteusa.com/
Redirect Chain

https://h2htrk.com/?a=1858&c=23505&s1=350789&s2=621104024
https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

87 KB
29 KB

847ms
406ms

Document
text/html

162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Requested by: Host: elasticlines.com
URL: https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: 5c9fb5974877d36ddcf3f9d1621548b783fe6c24146b7974663f02ea35bc5cdb

Request headers

:method: GET
:authority: findquoteusa.com
:scheme: https
:path: /insurance.php?affid=internal&s1=internal&s2=internal
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://elasticlines.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://elasticlines.com/0/2/8156/0bef6c810f960539774535dcfae56a77/1/59209_1/523_76500_12395_678373_md

Response headers

cache-control: max-age=300
expires: Thu, 21 Oct 2021 18:28:28 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: text/html; charset=UTF-8
date: Thu, 21 Oct 2021 18:23:28 GMT
server: Apache

Redirect headers

Cache-Control: private
Content-Length: 202
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Oct 2021 18:23:27 GMT
Location: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=ns7h5ref4VyVvPY/bq1z9bI4RAaiUjIdEk9Bc8B9E0QYOA6K+w7ssA==; domain=.h2htrk.com; path=/; SameSite=None; secure; HttpOnly trk=QOGnz5PScF2VvPY/bq1z9bI4RAaiUjIdEk9Bc8B9E0QYOA6K+w7ssA==; domain=.h2htrk.com; expires=Wed, 21-Oct-2026 14:23:27 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 55ms
31ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-196415297-2

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9568c8b835793ea26e7fa4556940978f1de0bafb9fa748d38ea0c0574d2dd2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36726
x-xss-protection: 0
expires: Thu, 21 Oct 2021 18:23:28 GMT

GET
H2 200 logo.svg
findquoteusa.com/assets/img/files/ 6 KB
6 KB 234ms
234ms Image
image/svg+xml 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findquoteusa.com/assets/img/files/logo.svg
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: ea32677f9b987cc279f62fed66e6297f4e33a1357c5a6087a5de512e330c6f78

Request headers

:path: /assets/img/files/logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
last-modified: Thu, 21 Oct 2021 15:52:20 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=21600
accept-ranges: bytes
content-length: 6397
expires: Fri, 22 Oct 2021 00:23:28 GMT

GET
H2 200 hero-insurance.jpg
findquoteusa.com/assets/img/files/box-info-1/ 81 KB
81 KB 233ms
231ms Image
image/jpeg 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findquoteusa.com/assets/img/files/box-info-1/hero-insurance.jpg
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: 70e2bda74e895dccac7396de9464cfb8f763f742ea340e7815364f7c96d5217e

Request headers

:path: /assets/img/files/box-info-1/hero-insurance.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
last-modified: Thu, 21 Oct 2021 15:52:28 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 82756
expires: Fri, 21 Oct 2022 18:23:28 GMT

GET
H2 200 hero-00.jpg
findquoteusa.com/assets/img/files/box-info-1/ 68 KB
69 KB 147ms
146ms Image
image/jpeg 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findquoteusa.com/assets/img/files/box-info-1/hero-00.jpg
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: a3b5fd8c7959bfdb8e752d1053bc1120aa7e03a94450b03ab7ffb1da9f61b6be

Request headers

:path: /assets/img/files/box-info-1/hero-00.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
last-modified: Thu, 21 Oct 2021 15:52:28 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 70016
expires: Fri, 21 Oct 2022 18:23:28 GMT

GET
H2 200 logo-mark-white.svg
findquoteusa.com/assets/img/files/ 946 B
980 B 232ms
231ms Image
image/svg+xml 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findquoteusa.com/assets/img/files/logo-mark-white.svg
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: 7b189e13f053a38c24e475b5c1ea40a6539d8d711f4066d21a0275ef3f419a4f

Request headers

:path: /assets/img/files/logo-mark-white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
last-modified: Thu, 21 Oct 2021 15:52:20 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=21600
accept-ranges: bytes
content-length: 946
expires: Fri, 22 Oct 2021 00:23:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
37 KB 59ms
39ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9W69V4

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e985cbc88929009567a5dfebf131ff7f4b4b8eb877ff233d42071e8d1fd1a15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37584
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Oct 2021 18:23:28 GMT

GET
H2 200 main.min.css
findquoteusa.com/assets/css/ 268 KB
60 KB 361ms
359ms Stylesheet
text/css 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/assets/css/main.min.css
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: c014cbd868d1912cea624822ff132611f3f3aeee922d46930e8ddfd3c421f3e2

Request headers

:path: /assets/css/main.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 15:52:11 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 18:23:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 80ms
32ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

3be09b57f4ddbc74f8d4e72fea0807bf03ac934a74d71e841309558aefde7b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 18:23:28 GMT
server: ESF
date: Thu, 21 Oct 2021 18:23:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 21 Oct 2021 18:23:28 GMT

GET
H2 200 60957a20cec27b00109a292e Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 83 KB
17 KB 52ms
11ms Script
application/javascript 13.224.193.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/60957a20cec27b00109a292e
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-36.fra2.r.cloudfront.net
Software: /
Resource Hash: 5cd4655620b31af86f0dd4f09d9c6b97707846525ea356de359c647c6d5510fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:15:31 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
age: 477
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
x-amz-cf-id: r-_6UFWYlB6-QVPMlwdUmuIYiZI3zqbK8y3LHsOjOkNFcYrAzj61nQ==

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 113ms
112ms Fetch
text/html 34.230.161.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/60957a20cec27b00109a292e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.161.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-161-187.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://findquoteusa.com/
key: 60957a20cec27b00109a292e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 21 Oct 2021 18:23:29 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 326ms
105ms Preflight 34.230.161.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 34.230.161.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-161-187.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://findquoteusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
59 KB 33ms
32ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EWPC62C4D1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-196415297-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9e124483dbf54bda14e9e53e4dd002847cf69975809970612ca34a19b485b516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60666
x-xss-protection: 0
expires: Thu, 21 Oct 2021 18:23:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9W69V4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 5791
date: Thu, 21 Oct 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Thu, 21 Oct 2021 18:46:57 GMT

GET
H2 200 partners.js Show response
leads.digitalmediasolutions.com/js/ 918 B
1 KB 474ms
413ms Script
application/javascript 172.67.146.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.digitalmediasolutions.com/js/partners.js?vertical=health-insurance

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2694f89920029c30b9aa6013f14f53db3d08bc2547ab3de3999a36b1c1f5bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Oct 2021 14:05:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6165961e-396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBzJhaojGj0WIAqhH4BxHLcDNkmKM7F%2BDrswxesOspXZ56ggoao%2FVeXzo3yM8B702UfRR8UAT0XBWReuef5PQxJjlEKAUDE2VCkfD48BEnYyNhiSnrDl02Ls9CO981taDjwFjLhDcAHpwnbvMOXfaJzz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200, no-cache="set-cookie"
cf-ray: 6a1c846daf41410e-PRG

GET
H2 200 partners.js Show response
leads.digitalmediasolutions.com/js/ 918 B
709 B 489ms
428ms Script
application/javascript 172.67.146.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leads.digitalmediasolutions.com/js/partners.js?vertical=medicare

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2694f89920029c30b9aa6013f14f53db3d08bc2547ab3de3999a36b1c1f5bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Oct 2021 14:05:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6165961e-396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XU%2BDsbApXO1h4NxILEIrGbbt2NcHMzUAS4%2Br4BpZgTcbFuoKFvLRDqKp5bYp6rvvYXZdilrh%2B3Z8U4Gx3H%2FMkLpIKJPoiO2i42UL1srcegNXjQ1ENWYvFd4zv3JgGroyaGtQ8UI8XLw0Wxz7UC6fiHn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200, no-cache="set-cookie"
cf-ray: 6a1c846dbf44410e-PRG

GET
H2 200 main.min-001.js Show response
findquoteusa.com/assets/js/ 257 KB
101 KB 377ms
377ms Script
application/javascript 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/assets/js/main.min-001.js
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: f673a75d34e2ed81d34ce16fe43a111d9ef574ce8aecb61ecefe9c70b2f0c854

Request headers

:path: /assets/js/main.min-001.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 15:52:11 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 22 Oct 2021 00:23:29 GMT

GET
H2 200 main.min-insurance.js Show response
findquoteusa.com/assets/js/ 22 KB
9 KB 376ms
376ms Script
application/javascript 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/assets/js/main.min-insurance.js
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: e49b6893b4faba257684bbf48f188e091ab6a30a81472f5bcca32e7e14fe31f4

Request headers

:path: /assets/js/main.min-insurance.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 15:52:12 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 8884
expires: Fri, 22 Oct 2021 00:23:29 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 47ms
23ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EWPC62C4D1&gtm=2oeak0&_p=872254316&sr=1600x1200&ul=en-us&cid=451190452.1634840609&_s=1&dl=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php%3Faffid%3Dinternal%26s1%3Dinternal%26s2%3Dinternal&dr=https%3A%2F%2Felasticlines.com%2F&dt=findquoteusa.com%20-%20Health%20Insurance&sid=1634840608&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWPC62C4D1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findquoteusa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
24ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=872254316&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php%3Faffid%3Dinternal%26s1%3Dinternal%26s2%3Dinternal&dr=https%3A%2F%2Felasticlines.com%2F&ul=en-us&de=UTF-8&dt=findquoteusa.com%20-%20Health%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=Lead&el=Form%20Ping%20Success&_u=YADAAEABAAAAAC~&jid=2096202556&gjid=190554444&cid=451190452.1634840609&tid=UA-196415297-2&_gid=1430378587.1634840609&_r=1&gtm=2wgak0T9W69V4&z=208107154

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findquoteusa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 23ms
23ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=872254316&t=pageview&_s=1&dl=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php%3Faffid%3Dinternal%26s1%3Dinternal%26s2%3Dinternal&dr=https%3A%2F%2Felasticlines.com%2F&ul=en-us&de=UTF-8&dt=findquoteusa.com%20-%20Health%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1759148153&gjid=1191294620&cid=451190452.1634840609&tid=UA-196415297-2&_gid=1430378587.1634840609&_r=1&gtm=2ouak0&z=1573527103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findquoteusa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=872254316&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php%3Faffid%3Dinternal%26s1%3Dinternal%26s2%3Dinternal&dr=https%3A%2F%2Felasticlines.com%2F&ul=en-us&de=UTF-8&dt=findquoteusa.com%20-%20Health%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Lead&ea=undefined&el=Form%20Post%20Success&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=451190452.1634840609&tid=UA-196415297-2&_gid=1430378587.1634840609&gtm=2wgak0T9W69V4&z=1954307302

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 01:14:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61725
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 140ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 387823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:39:46 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 145ms
14ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 354837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Oct 2022 15:49:32 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 149ms
20ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 16:36:33 GMT
x-content-type-options: nosniff
age: 438416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 16 Oct 2022 16:36:33 GMT

GET
H2 200 fa-solid-900.woff2
findquoteusa.com/assets/fonts/fontawesome/webfonts/ 66 KB
66 KB 133ms
131ms Font
font/woff2 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/assets/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

sec-fetch-mode: cors
origin: https://findquoteusa.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _ga_EWPC62C4D1=GS1.1.1634840608.1.0.1634840608.0; _ga=GA1.2.451190452.1634840609; _gid=GA1.2.1430378587.1634840609; _gat_UA-196415297-2=1; _gat_gtag_UA_196415297_2=1
:path: /assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: findquoteusa.com
referer: https://findquoteusa.com/assets/css/main.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://findquoteusa.com/assets/css/main.min.css
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
last-modified: Thu, 21 Oct 2021 15:52:26 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=21600
accept-ranges: bytes
content-length: 67400
expires: Fri, 22 Oct 2021 00:23:29 GMT

GET
H2 200 partner-names Show response
core.platform.ue.co/public/ 1 KB
2 KB 314ms
109ms Fetch
application/json 54.237.189.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.platform.ue.co/public/partner-names?vertical=health-insurance
Requested by: Host: leads.digitalmediasolutions.com
URL: https://leads.digitalmediasolutions.com/js/partners.js?vertical=health-insurance
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.189.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-189-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0ddbb6356b79c35f8cfe1a34e7bdb5969549853bdd21d20d40eeb31ac9f2ba93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://findquoteusa.com
date: Thu, 21 Oct 2021 18:23:29 GMT
cache-control: no-cache, private
server: nginx
content-type: application/json

GET
H2 200 partner-names Show response
core.platform.ue.co/public/ 6 KB
6 KB 300ms
110ms Fetch
application/json 54.237.189.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.platform.ue.co/public/partner-names?vertical=medicare
Requested by: Host: leads.digitalmediasolutions.com
URL: https://leads.digitalmediasolutions.com/js/partners.js?vertical=medicare
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.189.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-189-41.compute-1.amazonaws.com
Software: nginx /
Resource Hash: de42213986f8d2fcc65ba9a5ae75beb4893fdf4a4aad4a875db3e8ae3a0dcbcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://findquoteusa.com
date: Thu, 21 Oct 2021 18:23:29 GMT
cache-control: no-cache, private
server: nginx
content-type: application/json

GET
H2 200 2dd52182-2465-1adb-e8e6-6e4b0df18e6d.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 859ms
799ms Script
text/javascript 172.67.41.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/2dd52182-2465-1adb-e8e6-6e4b0df18e6d.js?snippet_version=2
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f3749b4c7960be5a20f00354a7d2e81fc0bbbc5a17338cc586183f3ba8dd94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 24 May 2021 14:17:38 GMT
server: cloudflare
x-amz-request-id: FBGPD701BPK5AWXN
etag: W/"65f0ea7202ad752c8439dea0c9472663"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 6a1c8470e93b4114-PRG
x-amz-version-id: 7fVrGcOOuNV8AKB.Nyg913sZdI3RCkZc
x-amz-id-2: pBmzE4AeafV6K+/ngNuZ5ZKi3Tww8eaOvGJ4daj9Z3oZTgdq1hsKV9Hhr19p7c9N5TCDmNfyNcE=

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16348406093530.852808226413825&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16348406093530.852808226413825&invert_field_sensitivity=false

14 KB
6 KB

295ms
229ms

Script
application/javascript

143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16348406093530.852808226413825&invert_field_sensitivity=false
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-109.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 22:37:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"676b14012df40978e4f1e696cb3be8f4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-version-id: Wukglm8NBgwYNfr9FYt3vY_dbgf_HJ6l
x-amz-cf-id: AJE51FNwP-Tqp6uJcQ5b7-X_MqC6mSKNEdM3QuhtE2oHNsIBlPVgZw==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16348406093530.852808226413825&invert_field_sensitivity=false
date: Thu, 21 Oct 2021 18:23:29 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 request.js Show response
script.anura.io/ 47 KB
17 KB 316ms
239ms Script
application/javascript 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=3751518728&source=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php&campaign=internal_internal&callback=optionalCallbackFunction&732709104414

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/assets/js/main.min-insurance.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4c39e320b45a107df01e36847b792602d60e4b38e151bb5a93ed2f4c81ce00a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 insurance_providers.js Show response
findquoteusa.com/includes/partials/json/ 19 KB
3 KB 150ms
150ms XHR
application/javascript 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/includes/partials/json/insurance_providers.js
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/assets/js/main.min-001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: fdf47ab7bfc0384a1a0c7b2789ede828ad547adb6276c5abeda9a8a110c589ef

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga_EWPC62C4D1=GS1.1.1634840608.1.0.1634840608.0; _ga=GA1.2.451190452.1634840609; _gid=GA1.2.1430378587.1634840609; _gat_UA-196415297-2=1; _gat_gtag_UA_196415297_2=1
:path: /includes/partials/json/insurance_providers.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: findquoteusa.com
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:29 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 16:07:58 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 2801
expires: Fri, 22 Oct 2021 00:23:29 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
352 B 46ms
8ms XHR
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?160017090200
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3751518728&source=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php&campaign=internal_internal&callback=optionalCallbackFunction&732709104414
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-13.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:16:06 GMT
content-encoding: gzip
server: nginx
age: 18443
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZWHM3Aliz3Lu30twvw4fwmgEihI0bYXf-Za_eS1wypHqM-0xodBXMw==
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)

POST
H2 200 response.json Show response
script.anura.io/ 52 B
405 B 107ms
64ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3751518728&source=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php&campaign=internal_internal&callback=optionalCallbackFunction&732709104414

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0d0d11a1aa1fb16210e8c66d96787cb7925646cd450054b8ab603591d4a33112

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST GenerateToken
create.leadid.com/2.11.7/ 0
0

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame EC4F 2 KB
1 KB 18ms
18ms Document
text/html 13.224.193.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/60957a20cec27b00109a292e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.36 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-36.fra2.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

:method: GET
:authority: api.pushnami.com
:scheme: https
:path: /scripts/v1/hub
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://findquoteusa.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/

Response headers

content-type: text/html; charset=utf-8
date: Thu, 21 Oct 2021 17:36:03 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8Zil9khGkBV67FbcHM0PLoZOwyy_5cwdHSKFb_qQ3yZNN4yJw76NnA==
age: 2847

POST certs
api.trustedform.com/ 0
0

POST psp
psp.pushnami.com/api/ 0
0

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 361ms
154ms Preflight
application/json 54.84.106.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Server: 54.84.106.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-106-162.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://findquoteusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://findquoteusa.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

POST
H2 200 result.json
script.anura.io/ 41 B
396 B 46ms
46ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/assets/js/main.min-insurance.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 Primary Request sorry-blocked.html Show response
findquoteusa.com/ 99 KB
35 KB 172ms
171ms Document
text/html 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/sorry-blocked.html
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/assets/js/main.min-insurance.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: fdebcefdbe38c83f6f4d54e5d622083ee6b5d3fe322a7c6e60440902f9067ae8

Request headers

:method: GET
:authority: findquoteusa.com
:scheme: https
:path: /sorry-blocked.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal
accept-encoding: gzip, deflate, br
cookie: _ga_EWPC62C4D1=GS1.1.1634840608.1.0.1634840608.0; _ga=GA1.2.451190452.1634840609; _gid=GA1.2.1430378587.1634840609; _gat_UA-196415297-2=1; _gat_gtag_UA_196415297_2=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal

Response headers

last-modified: Thu, 14 Oct 2021 23:12:58 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Thu, 21 Oct 2021 18:28:30 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: text/html
date: Thu, 21 Oct 2021 18:23:30 GMT
server: Apache

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 106ms
106ms Preflight 34.230.161.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 34.230.161.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-161-187.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://findquoteusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST collect
www.google-analytics.com/g/ 0
0

POST track
trc.pushnami.com/api/push/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 160 KB
59 KB 39ms
38ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EBDM8K8M9Y

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/sorry-blocked.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4f3f17ddd2611c58f1e9feabf453452df2680f6fdc742a8d5988a9f4bc05e88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60706
x-xss-protection: 0
expires: Thu, 21 Oct 2021 18:23:30 GMT

GET
H2 200 sh Show response
www.nextinsure.com/listingdisplay/loader/ 100 KB
30 KB 647ms
578ms Script
application/javascript 104.89.36.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/listingdisplay/loader/sh

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/sorry-blocked.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.36.174 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-36-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ead7ace8c28d67f1151ba09c362c25b5e8607b2c01e8cc6658a302537ef2b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cfg-version: v77
x-shcmp: 1
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
vary: Accept-Encoding
content-length: 29859
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Oct 2021 20:47:02 GMT
x-frame-options: SAMEORIGIN
date: Thu, 21 Oct 2021 18:23:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-ld: f2

GET
H2 200 main.min.css
findquoteusa.com/assets/css/ 268 KB
60 KB 159ms
158ms Stylesheet
text/css 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/assets/css/main.min.css
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/sorry-blocked.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: c014cbd868d1912cea624822ff132611f3f3aeee922d46930e8ddfd3c421f3e2

Request headers

:path: /assets/css/main.min.css
pragma: no-cache
cookie: _ga=GA1.2.451190452.1634840609; _gid=GA1.2.1430378587.1634840609; _gat_UA-196415297-2=1; _gat_gtag_UA_196415297_2=1; _ga_EWPC62C4D1=GS1.1.1634840608.1.0.1634840610.0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: findquoteusa.com
referer: https://findquoteusa.com/sorry-blocked.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/sorry-blocked.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 15:52:11 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 18:23:30 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
455 B 58ms
34ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Requested by

Host: findquoteusa.com
URL: https://findquoteusa.com/sorry-blocked.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

fd7dd58aefb71759ae1ea701a6a0315fa363f9ddfc1d3c17aec01930e71aadf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 18:23:30 GMT
server: ESF
date: Thu, 21 Oct 2021 18:23:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 21 Oct 2021 18:23:30 GMT

GET
H2 200 logo.svg
findquoteusa.com/assets/img/files/ 6 KB
6 KB 146ms
146ms Image
image/svg+xml 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findquoteusa.com/assets/img/files/logo.svg
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/sorry-blocked.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: ea32677f9b987cc279f62fed66e6297f4e33a1357c5a6087a5de512e330c6f78

Request headers

:path: /assets/img/files/logo.svg
pragma: no-cache
cookie: _gid=GA1.2.1430378587.1634840609; _gat_UA-196415297-2=1; _gat_gtag_UA_196415297_2=1; _ga_EWPC62C4D1=GS1.1.1634840608.1.0.1634840610.0; _ga_EBDM8K8M9Y=GS1.1.1634840610.1.0.1634840610.0; _ga=GA1.1.451190452.1634840609
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: findquoteusa.com
referer: https://findquoteusa.com/sorry-blocked.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/sorry-blocked.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:30 GMT
last-modified: Thu, 21 Oct 2021 15:52:20 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=21600
accept-ranges: bytes
content-length: 6397
expires: Fri, 22 Oct 2021 00:23:30 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 23ms
22ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EBDM8K8M9Y&gtm=2oeak0&_p=1492267073&sr=1600x1200&ul=en-us&cid=451190452.1634840609&_s=1&dl=https%3A%2F%2Ffindquoteusa.com%2Fsorry-blocked.html&dr=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php%3Faffid%3Dinternal%26s1%3Dinternal%26s2%3Dinternal&dt=Find%20Insurance%20Quotes%20-%20Sorry&sid=1634840610&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EBDM8K8M9Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 18:23:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findquoteusa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget Show response
www.nextinsure.com/ListingDisplay/loader/ 802 KB
553 KB 205ms
205ms Script
application/javascript 104.89.36.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/loader/widget?src=667940&idx=0

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.36.174 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-36-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

11b8de8a95c2449601704c636ab1065a100c006e984a7ba623895dc3cdd729aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cfg-version: v77
x-shcmp: 1
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
vary: Accept-Encoding
content-length: 564120
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Jun 2020 18:07:33 GMT
x-frame-options: SAMEORIGIN
date: Thu, 21 Oct 2021 18:23:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-ld: d1

GET
H2 200 fa-solid-900.woff2
findquoteusa.com/assets/fonts/fontawesome/webfonts/ 66 KB
66 KB 134ms
133ms Font
font/woff2 162.241.253.51
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://findquoteusa.com/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: findquoteusa.com
URL: https://findquoteusa.com/assets/css/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.51 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5767.bluehost.com
Software: Apache /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

sec-fetch-mode: cors
origin: https://findquoteusa.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gid=GA1.2.1430378587.1634840609; _gat_UA-196415297-2=1; _gat_gtag_UA_196415297_2=1; _ga_EWPC62C4D1=GS1.1.1634840608.1.0.1634840610.0; _ga_EBDM8K8M9Y=GS1.1.1634840610.1.0.1634840610.0; _ga=GA1.1.451190452.1634840609
:path: /assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: findquoteusa.com
referer: https://findquoteusa.com/assets/css/main.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://findquoteusa.com/assets/css/main.min.css
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:23:31 GMT
last-modified: Thu, 21 Oct 2021 15:52:26 GMT
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=21600
accept-ranges: bytes
content-length: 67400
expires: Fri, 22 Oct 2021 00:23:31 GMT

GET
H3 200 css
fonts.googleapis.com/ 9 KB
745 B 26ms
26ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://findquoteusa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 18:00:21 GMT
server: ESF
date: Thu, 21 Oct 2021 18:23:32 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 21 Oct 2021 18:23:32 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b7d1a89fd438db03154e395bae79fc05d6f47f27dcaae15dc7ad1fb500876eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame 0
0 188ms
169ms Preflight 104.89.36.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Protocol

Server

104.89.36.174 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-36-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://findquoteusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

allow: OPTIONS, TRACE, GET, HEAD, POST
public: OPTIONS, TRACE, GET, HEAD, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
access-control-allow-methods: OPTIONS,POST,GET
access-control-allow-origin: *
timing-allow-origin: *
x-ld: e2
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
content-length: 0
date: Thu, 21 Oct 2021 18:23:32 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-cfg-version: v77
strict-transport-security: max-age=31536000 ; includeSubDomains

POST
H2 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 724 B
2 KB 351ms
332ms XHR
application/json 104.89.36.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.36.174 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-36-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

80489da75a1f3801004aa765be6e916565580bae708e633b15b84b78f2854aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-cfg-version: v77
x-shcmp: 1
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
vary: Accept-Encoding
content-length: 417
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 21 Oct 2021 18:23:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-ld: g3

POST
H2 200 ev.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
1 KB 171ms
170ms XHR
application/json 104.89.36.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.36.174 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-36-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://findquoteusa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-cfg-version: v77
date: Thu, 21 Oct 2021 18:23:32 GMT
x-content-type-options: nosniff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=31536000 ; includeSubDomains
timing-allow-origin: *
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net; style-src *.googleapis.com 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com; img-src * data:; style-src-elem * 'unsafe-inline'; report-uri /ListingDisplay/handlers/csp.ashx;
content-length: 2
x-xss-protection: 1; mode=block
x-ld: b2

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 27ms
13ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 12:44:42 GMT
x-content-type-options: nosniff
age: 20330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 12:44:42 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 24ms
11ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 262555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 27ms
15ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:26:59 GMT
x-content-type-options: nosniff
age: 309393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Oct 2022 04:26:59 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 20ms
9ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://findquoteusa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:34:21 GMT
x-content-type-options: nosniff
age: 2951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16064
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:34:21 GMT

GET
DATA 200
OK truncated
/ 540 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b030f009a5c832a2fa54eeaedd202b060f7581dd98fbb235a8f5f33b6d03d87a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: create.leadid.com
URL: https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=f9705a8a-fc41-4108-a0c5-1d7201d8257a&_=488090264

Domain: api.trustedform.com
URL: https://api.trustedform.com/certs

Domain: psp.pushnami.com
URL: https://psp.pushnami.com/api/psp

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EWPC62C4D1&gtm=2oeak0&_p=872254316&sr=1600x1200&ul=en-us&cid=451190452.1634840609&_s=2&dl=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php%3Faffid%3Dinternal%26s1%3Dinternal%26s2%3Dinternal&dr=https%3A%2F%2Felasticlines.com%2F&dt=findquoteusa.com%20-%20Health%20Insurance&sid=1634840608&sct=1&seg=0&en=user_engagement&_et=1650

Domain: trc.pushnami.com
URL: https://trc.pushnami.com/api/push/track

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 02:26:32	Name: _bit Value: l9lino-9f929e3caf00693031-009
elasticlines.com/	1970-01-19 22:51:55	Name: uid2989 Value: 621104024-20211021142326-15c662f59f0f3391bdcfc4ad57150168-
.h2htrk.com/	1969-12-31 23:59:59	Name: sid Value: ns7h5ref4VyVvPY/bq1z9bI4RAaiUjIdEk9Bc8B9E0QYOA6K+w7ssA==
.h2htrk.com/	1970-01-21 17:56:32	Name: trk Value: QOGnz5PScF2VvPY/bq1z9bI4RAaiUjIdEk9Bc8B9E0QYOA6K+w7ssA==
.findquoteusa.com/	1970-01-19 22:08:47	Name: _gid Value: GA1.2.1430378587.1634840609
.findquoteusa.com/	1970-01-19 22:07:20	Name: _gat_UA-196415297-2 Value: 1
.findquoteusa.com/	1970-01-19 22:07:20	Name: _gat_gtag_UA_196415297_2 Value: 1
.findquoteusa.com/	1970-01-20 15:38:32	Name: _ga_EWPC62C4D1 Value: GS1.1.1634840608.1.0.1634840610.0
.findquoteusa.com/	1970-01-20 15:38:32	Name: _ga Value: GA1.1.451190452.1634840609
.findquoteusa.com/	1970-01-20 15:38:32	Name: _ga_EBDM8K8M9Y Value: GS1.1.1634840610.1.0.1634840612.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://findquoteusa.com/insurance.php?affid=internal&s1=internal&s2=internal Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
deprecation	warning	URL: https://script.anura.io/request.js?instance=3751518728&source=https%3A%2F%2Ffindquoteusa.com%2Finsurance.php&campaign=internal_internal&callback=optionalCallbackFunction&732709104414(Line 14) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
rendering	warning	URL: https://findquoteusa.com/sorry-blocked.html(Line 8) Message: The key "intial-scale" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
api.pushnami.com
api.trustedform.com
bit.ly
castlo.de
cdn.trustedform.com
code.ionicframework.com
core.platform.ue.co
create.leadid.com
create.lidstatic.com
elasticlines.com
findquoteusa.com
fonts.googleapis.com
fonts.gstatic.com
h2htrk.com
leads.digitalmediasolutions.com
psp.pushnami.com
script.anura.io
trc.pushnami.com
www.google-analytics.com
www.googletagmanager.com
www.nextinsure.com
api.trustedform.com
create.leadid.com
psp.pushnami.com
trc.pushnami.com
www.google-analytics.com
104.26.7.173
104.89.36.174
13.224.193.36
142.250.185.170
142.250.185.78
142.250.185.99
143.204.98.109
143.204.98.13
162.241.253.51
172.217.23.104
172.67.146.92
172.67.41.229
172.99.173.141
18.133.97.68
195.189.226.208
34.224.106.237
34.230.161.187
54.237.189.41
54.84.106.162
54.90.22.61
67.199.248.10
0d0d11a1aa1fb16210e8c66d96787cb7925646cd450054b8ab603591d4a33112
0ddbb6356b79c35f8cfe1a34e7bdb5969549853bdd21d20d40eeb31ac9f2ba93
11b8de8a95c2449601704c636ab1065a100c006e984a7ba623895dc3cdd729aa
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2694f89920029c30b9aa6013f14f53db3d08bc2547ab3de3999a36b1c1f5bf08
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
28f3749b4c7960be5a20f00354a7d2e81fc0bbbc5a17338cc586183f3ba8dd94
3be09b57f4ddbc74f8d4e72fea0807bf03ac934a74d71e841309558aefde7b0c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c39e320b45a107df01e36847b792602d60e4b38e151bb5a93ed2f4c81ce00a1
4f3f17ddd2611c58f1e9feabf453452df2680f6fdc742a8d5988a9f4bc05e88b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c9fb5974877d36ddcf3f9d1621548b783fe6c24146b7974663f02ea35bc5cdb
5cd4655620b31af86f0dd4f09d9c6b97707846525ea356de359c647c6d5510fe
6b7d1a89fd438db03154e395bae79fc05d6f47f27dcaae15dc7ad1fb500876eb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e2bda74e895dccac7396de9464cfb8f763f742ea340e7815364f7c96d5217e
7b189e13f053a38c24e475b5c1ea40a6539d8d711f4066d21a0275ef3f419a4f
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
80489da75a1f3801004aa765be6e916565580bae708e633b15b84b78f2854aa6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ead7ace8c28d67f1151ba09c362c25b5e8607b2c01e8cc6658a302537ef2b1f
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
9568c8b835793ea26e7fa4556940978f1de0bafb9fa748d38ea0c0574d2dd2c9
9e124483dbf54bda14e9e53e4dd002847cf69975809970612ca34a19b485b516
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
a3b5fd8c7959bfdb8e752d1053bc1120aa7e03a94450b03ab7ffb1da9f61b6be
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b030f009a5c832a2fa54eeaedd202b060f7581dd98fbb235a8f5f33b6d03d87a
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
c014cbd868d1912cea624822ff132611f3f3aeee922d46930e8ddfd3c421f3e2
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
de42213986f8d2fcc65ba9a5ae75beb4893fdf4a4aad4a875db3e8ae3a0dcbcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b6893b4faba257684bbf48f188e091ab6a30a81472f5bcca32e7e14fe31f4
e985cbc88929009567a5dfebf131ff7f4b4b8eb877ff233d42071e8d1fd1a15f
ea32677f9b987cc279f62fed66e6297f4e33a1357c5a6087a5de512e330c6f78
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f673a75d34e2ed81d34ce16fe43a111d9ef574ce8aecb61ecefe9c70b2f0c854
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fd7dd58aefb71759ae1ea701a6a0315fa363f9ddfc1d3c17aec01930e71aadf2
fdebcefdbe38c83f6f4d54e5d622083ee6b5d3fe322a7c6e60440902f9067ae8
fdf47ab7bfc0384a1a0c7b2789ede828ad547adb6276c5abeda9a8a110c589ef

findquoteusa.com Open in urlscan Pro 162.241.253.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

75 %HTTPS

0 %IPv6

18 Domains

22 Subdomains

19 IPs

3 Countries

1985 kBTransfer

4143 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

findquoteusa.com Open in urlscan Pro
162.241.253.51 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

75 %
HTTPS

0 %
IPv6

18
Domains

22
Subdomains

19
IPs

3
Countries

1985 kB
Transfer

4143 kB
Size

10
Cookies

75 HTTP transactions
2 data transactions