quotemyinsuranceforsf.com Open in urlscan Pro
34.69.219.172 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://quotemyinsuranceforsf.com/
Submission: On March 17 via api (March 17th 2024, 2:32:47 pm UTC) from US — Scanned from US

Summary HTTP 105 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 28 IPs in 1 countries across 28 domains to perform 105 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is quotemyinsuranceforsf.com.
TLS certificate: Issued by R3 on March 14th 2024. Valid for: 3 months.

This is the only time quotemyinsuranceforsf.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: State Farm (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2600:9000:21d... 2600:9000:21da:800:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	152.195.54.7 152.195.54.7	15133 (EDGECAST) (EDGECAST)
3	104.106.227.229 104.106.227.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
3	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1 7	52.20.217.14 52.20.217.14	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:141b:1c0... 2600:141b:1c00:238f::19f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.106.226.153 104.106.226.153	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.140.39.224 63.140.39.224	14618 (AMAZON-AES) (AMAZON-AES)
1 1	100.24.229.173 100.24.229.173	14618 (AMAZON-AES) (AMAZON-AES)
1	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1	18.164.96.67 18.164.96.67	16509 (AMAZON-02) (AMAZON-02)
2 10	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	54.209.138.236 54.209.138.236	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2600:141b:1c0... 2600:141b:1c00:4a3::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.230.160.114 54.230.160.114	16509 (AMAZON-02) (AMAZON-02)
2	18.238.74.246 18.238.74.246	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	23.46.156.26 23.46.156.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
105	28

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

quotemyinsuranceforsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21da:800:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 152.195.54.7 (United States)

ASN15133 (EDGECAST, US)

static2.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ac1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.106.227.229 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-106-227-229.deploy.static.akamaitechnologies.com

cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

mx-api.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.20.217.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-217-14.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:238f::19f0 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.106.226.153 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-106-226-153.deploy.static.akamaitechnologies.com

a8367280580.cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.39.224 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-224.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.229.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-229-173.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.226 (Plainview, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-67.jfk50.r.cloudfront.net

deel-id-persistence.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.138.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-138-236.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:4a3::1931 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.74.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-74-246.jfk52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.46.156.26 (Edison, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-26.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	st8fm.com static2.st8fm.com — Cisco Umbrella Rank: 111886 static1.st8fm.com — Cisco Umbrella Rank: 13277 ac1.st8fm.com — Cisco Umbrella Rank: 87188	660 KB
13	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 368 js.adsrvr.org — Cisco Umbrella Rank: 1445 insight.adsrvr.org — Cisco Umbrella Rank: 609	12 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 880 tr6.snapchat.com — Cisco Umbrella Rank: 1328	2 KB
7	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 245 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 64655	8 KB
7	optimizely.com cdn-pci.optimizely.com — Cisco Umbrella Rank: 10993 tapi.optimizely.com — Cisco Umbrella Rank: 13790 a8367280580.cdn-pci.optimizely.com — Cisco Umbrella Rank: 68242 logx.optimizely.com — Cisco Umbrella Rank: 1529	283 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 390 maps.googleapis.com — Cisco Umbrella Rank: 366 fonts.googleapis.com — Cisco Umbrella Rank: 38	218 KB
5	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 271 stats.g.doubleclick.net — Cisco Umbrella Rank: 90	1 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3914	82 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 865	5 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253	36 KB
3	mirus.io mx-api.prod.mirus.io — Cisco Umbrella Rank: 624488 peachy.prod.mirus.io — Cisco Umbrella Rank: 355843	20 KB
3	statefarm.com www.statefarm.com — Cisco Umbrella Rank: 20220 smetrics.statefarm.com — Cisco Umbrella Rank: 32096	3 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 522	1 KB
2	yahoo.net 2 redirects hb.yahoo.net — Cisco Umbrella Rank: 686	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 269	2 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1178	38 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 904	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 188	67 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	200 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 439	612 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1144	35 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 384	916 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 163	261 B
1	krxd.net usermatch.krxd.net — Cisco Umbrella Rank: 1927	82 B
1	c1.statefarm deel-id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 91350	3 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1277	517 B
1	quotemyinsuranceforsf.com quotemyinsuranceforsf.com	16 KB
0	facebook.com Failed www.facebook.com Failed
105	28

	Domain	Requested by
16	static1.st8fm.com	quotemyinsuranceforsf.com static2.st8fm.com ajax.googleapis.com static1.st8fm.com
15	static2.st8fm.com	quotemyinsuranceforsf.com static2.st8fm.com
8	match.adsrvr.org	2 redirects js.adsrvr.org
6	tr.snapchat.com	1 redirects sc-static.net
6	dpm.demdex.net	1 redirects quotemyinsuranceforsf.com
5	nexus.ensighten.com	quotemyinsuranceforsf.com nexus.ensighten.com
4	ct.pinterest.com	static1.st8fm.com s.pinimg.com
4	cm.g.doubleclick.net	4 redirects
4	maps.googleapis.com	quotemyinsuranceforsf.com static1.st8fm.com maps.googleapis.com
4	cdnjs.cloudflare.com	quotemyinsuranceforsf.com
3	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
3	cdn-pci.optimizely.com	quotemyinsuranceforsf.com cdn-pci.optimizely.com static2.st8fm.com
2	pixel.tapad.com	2 redirects
2	hb.yahoo.net	2 redirects
2	ib.adnxs.com	2 redirects
2	insight.adsrvr.org	js.adsrvr.org
2	sc-static.net	quotemyinsuranceforsf.com tr.snapchat.com
2	s.pinimg.com	quotemyinsuranceforsf.com s.pinimg.com
2	connect.facebook.net	quotemyinsuranceforsf.com connect.facebook.net
2	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
2	peachy.prod.mirus.io	static1.st8fm.com
2	smetrics.statefarm.com	static1.st8fm.com quotemyinsuranceforsf.com
2	tapi.optimizely.com	cdn-pci.optimizely.com
2	maxcdn.bootstrapcdn.com	quotemyinsuranceforsf.com
1	tr6.snapchat.com	sc-static.net
1	pixel.rubiconproject.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	usermatch.krxd.net
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	deel-id-persistence.deel.c1.statefarm	nexus.ensighten.com
1	logx.optimizely.com	static1.st8fm.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	a8367280580.cdn-pci.optimizely.com	cdn-pci.optimizely.com
1	fonts.googleapis.com	static2.st8fm.com
1	mx-api.prod.mirus.io	quotemyinsuranceforsf.com
1	www.statefarm.com	quotemyinsuranceforsf.com
1	ac1.st8fm.com	quotemyinsuranceforsf.com
1	ajax.googleapis.com	quotemyinsuranceforsf.com
1	quotemyinsuranceforsf.com
0	www.facebook.com Failed
105	43

This site contains links to these domains. Also see Links.

Domain
www.statefarm.com
proofing.statefarm.com
www.linkedin.com
financials.statefarm.com
get-id-card.delitess.c1.statefarm
www.detroitlakesinsurance.com
trupanion.com

Subject Issuer	Validity	Valid
quotemyinsuranceforsf.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-02-23` - `2025-02-23`	a year	crt.sh
cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-25` - `2025-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
mx-api.prod.mirus.io R3	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-25` - `2025-01-24`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-02-08` - `2024-05-09`	3 months	crt.sh
deel-id-persistence.deel.c1.statefarm Amazon RSA 2048 M02	`2023-08-01` - `2024-08-29`	a year	crt.sh
peachy.prod.mirus.io R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2024-01-30` - `2025-01-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://quotemyinsuranceforsf.com/
Frame ID: A8E3F0AD9C3CDB0B94E51E22B264CAD3
Requests: 84 HTTP requests in this frame

Frame: https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html
Frame ID: 425FA6CA1973336F2F3175F6EA7B36F4
Requests: 1 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 01D2C3E73991087FBF0F48123A2C40DE
Requests: 5 HTTP requests in this frame

Frame: https://deel-id-persistence.deel.c1.statefarm/
Frame ID: 153EEC623ADA398FD9B80D60F1D34D29
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 9CDC72DD2D81B52B253C348E4EECDD9D
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: ACD7F7B7E935E07FE16C02DF75933194
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=37065b37-405a-4daa-9b4f-78798a672160&u_sclid=b836ac09-36c3-4983-8a08-7a25bb9d3fd5
Frame ID: 06ACDA65F438F3DD764E0302E015F59B
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2342784395741694267&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914
Frame ID: 4783236F80B5BABE4F222EDAF8B9F8AD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1
Frame ID: 4BFC4313D97342EE72A8FF0755C630DC
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia
Frame ID: 0E98EB05CC35ADFE19394511F3FA263A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia
Frame ID: 28B674C7D90B73621C7995ED1FFBA466
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1
Frame ID: C3B03F9F838729E08758D7FED2CF9D39
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: F874B4FEBD1FD22587DE15FC50FEE66D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1710540449961&pnid=140&pcid=08f2fb6b-d392-44e3-ad3d-3fc468f36616
Frame ID: E2D8F264920B803663E15160E989629D
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: DD3CFAB9CFACE03D2429CBFE5941057A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nick Christenson - State Farm Insurance Agent in Detroit Lakes, MN

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

105
Requests

92 %
HTTPS

35 %
IPv6

28
Domains

43
Subdomains

28
IPs

1
Countries

1707 kB
Transfer

5852 kB
Size

50
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statefarm.com/#oneX-main-content
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/mn/detroit-lakes/nick-christenson-3cg637n52gf

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/nick-christenson-7607a547

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/guest-pay/
Title: Pay a Bill

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote
Title: or continue a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/mn/detroit-lakes/nick-christenson-3cg637n52gf/map?officeAssociateId=R4NMV95XMGE
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.detroitlakesinsurance.com/
Title: www.detroitlakesinsurance.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/small-business-solutions/insurance/contact#agentAssociateID=3CG637N52GF&source=sfmicrosites
Title: small business insurance

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/download-mobile-apps/life-enhanced
Title: Take a closer look

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1710685961840 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1710685961840

Request Chain 44

https://cm.everesttech.net/cm/dd?d_uuid=77236089188427566062180662260994778068 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfb-CwAAAB-p4QNP

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzcyMzYwODkxODg0Mjc1NjYwNjIxODA2NjIyNjA5OTQ3NzgwNjg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzcyMzYwODkxODg0Mjc1NjYwNjIxODA2NjIyNjA5OTQ3NzgwNjg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEORfuWRwgLwbzQwrOfd4mkg&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 63

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quotemyinsuranceforsf.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quotemyinsuranceforsf.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d1b51ad8-474d-4691-b811-e661e95c5914

Request Chain 64

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77236089188427566062180662260994778068&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=77236089188427566062180662260994778068&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-7h82n0JE2pF4OKPjGh0.GFIrKTwJi9VFibw-~A

Request Chain 85

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dd1b51ad8-474d-4691-b811-e661e95c5914 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2342784395741694267&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDFiNTFhZDgtNDc0ZC00NjkxLWI4MTEtZTY2MWU5NWM1OTE0&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1

Request Chain 87

https://hb.yahoo.net/cksync.php?cs=3&type=55953&gdpr=%24%7bGDPR%7d&gdpr_consent=%24%7bGDPR_CONSENT%7d&gpp=%24%7bGPP_STRING%7d&gpp_sid=%24%7bGPP_SID%7d&ovsid=rightmedia&redirect=https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fgeneric%3fttd_pid%3drightmedia&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia

Request Chain 91

https://hb.yahoo.net/cksync.php?cs=3&type=55953&gdpr=%24%7bGDPR%7d&gdpr_consent=%24%7bGDPR_CONSENT%7d&gpp=%24%7bGPP_STRING%7d&gpp_sid=%24%7bGPP_SID%7d&ovsid=rightmedia&redirect=https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fgeneric%3fttd_pid%3drightmedia&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDFiNTFhZDgtNDc0ZC00NjkxLWI4MTEtZTY2MWU5NWM1OTE0&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1

Request Chain 93

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d1b51ad8-474d-4691-b811-e661e95c5914&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 96

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1710685966050&u_scsid=2145a5fd-9d67-410a-a7bf-81798dd58a23&u_sclid=a68feb0a-f446-49cd-a18e-fe1f34c32729 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710540449961%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710540449961%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1710540449961&pnid=140&pcid=08f2fb6b-d392-44e3-ad3d-3fc468f36616

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
quotemyinsuranceforsf.com/ 63 KB
16 KB 417ms
158ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: /
Resource Hash: d0b8b351c572fbb52ca58caef480ce6fb178ba217f672881ca69b8b1ba644f69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 17 Mar 2024 14:32:41 GMT
vary: origin,accept-encoding
x-cheesecrd-backend: mx-api
x-cheesecrd-lookup: master:quotemyinsuranceforsf.com/
x-cheesecrd-path: /
x-microsite-source: https://www.statefarm.com/agent/us/mn/detroit-lakes/nick-christenson-3cg637n52gf

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
29 KB 262ms
75ms Script
application/javascript 2600:9000:21da:800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d80468d52be3755d4b9d48e8eedf633a03e802e9021776aef78b12fa74542208

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 12:29:08 GMT
x-amz-version-id: MtuuAsjoJ8RWnP60cJeuuU0okU_Wo.g2
content-encoding: br
via: 1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
age: 439414
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 18:19:40 GMT
server: CloudFront
etag: W/"9d3ca371862ed65434b33387233e3464"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: 5GC6w5tXysaCnmyAQkliRzR8jCqc3FJ1eAksR4-99GHCiLWFqOjsCQ==

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
22 KB 131ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 876
age: 1544532
cdn-cachedat: 09/04/2022 08:28:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7e923ad223e9f33e54d22e50cf2bcce5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 49adb82ffb926e7eb7acfa88c7559322
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 865db19c39106da9-MIA
cdn-requestpullsuccess: True

GET
H2 200 normalize.css
static2.st8fm.com/en_US/dxl-1x/prod/css/lib/ 16 KB
6 KB 163ms
33ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/lib/normalize.css

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9B25) /

Resource Hash

1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 19:50:02 GMT
server: ECD (mic/9B25)
age: 6662
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 5846
expires: Sun, 17 Mar 2024 18:32:41 GMT

GET
H2 200 1x.core.css
static2.st8fm.com/en_US/dxl-1x/prod/css/ 643 KB
72 KB 164ms
35ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AD0) /

Resource Hash

f146eca74e3630da6d88b5d17a6bb1e8375aae1f56c0c61a5eccdda9aa0d52ad

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 19:50:01 GMT
server: ECD (mic/9AD0)
age: 11139
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 73710
expires: Sun, 17 Mar 2024 18:32:41 GMT

GET
H2 200 8421581994.js Show response
cdn-pci.optimizely.com/js/ 653 KB
139 KB 227ms
64ms Script
text/javascript 104.106.227.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/8421581994.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.227.229 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-106-227-229.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c33575068c9b9ecb692e4584014b82bd45f5c9dc7c45d4dd6a78a0967c8ee902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: 2UEVUrtCEXBBp3orP_vH47jt_.ltcZ4N
content-encoding: gzip
date: Sun, 17 Mar 2024 14:32:41 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: KM8AJN26K3H9AM2H
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 47020
x-amz-replication-status: PENDING
content-length: 141879
x-amz-id-2: bwhMHqW64OB3Q5BvCqQhQFuEOaGC5BCmVpsssrRKEsSP+H+W0u6fRKl+MQoRxkskpx/DWI+48hU=
last-modified: Fri, 15 Mar 2024 13:45:41 GMT
server: AmazonS3
etag: "b15b5ae964cff2ebff3acf20ba3fac49"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 StateFarmCommon.js Show response
static2.st8fm.com/en_US/b2c_dvts/common/js/lib/ 1 KB
878 B 321ms
192ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B84) /

Resource Hash

5c2e932d0dded3aa6c2c4b2faf8f1b53da7b6e27dc20212d27b58b658749b0f1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
server: ECD (dac/9B84)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 761
expires: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 199ms
63ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 14:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Mar 2025 14:13:15 GMT

GET
H2 200 handlebars.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/ 160 KB
29 KB 123ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/handlebars.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 287272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29180
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-27e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bE6BuYBFWYgGB%2Bhd3OJP73A2LUo9CE5eHg5EnCn5GE%2Bu8Oy4BdxYQKa%2FGqCVp0ChF%2B5aAgplREoipd%2Fy3DU02GqTVhHtd%2FOeOzI23FnuBAlCLQjvzewYbsjhx7f7fFf%2Bmo%2BMQSchl7TIAQAklW5IU8zY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 865db19c3c410331-MIA
expires: Fri, 07 Mar 2025 14:32:41 GMT

GET
H2 200 1x.core.js Show response
static2.st8fm.com/en_US/dxl-1x/prod/js/ 345 KB
106 KB 198ms
69ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AAA) /

Resource Hash

c7a8e05d4949afeb8c828969bdfa49426bca3894cd0e017b18ee7636ae51089e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 19:50:01 GMT
server: ECD (mic/9AAA)
age: 12412
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 107948
expires: Sun, 17 Mar 2024 18:32:41 GMT

GET
H2 200 1x.client.js Show response
static2.st8fm.com/en_US/dxl-1x/prod/js/ 3 KB
1 KB 198ms
70ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.client.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AC6) /

Resource Hash

785b6692d256f8286db7fff9d1e8caf87508b8e25721ac968bf5626eb3e82dbe

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 19:50:01 GMT
server: ECD (mic/9AC6)
age: 6681
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1280
expires: Sun, 17 Mar 2024 18:32:41 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 130ms
49ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 974
age: 1634163
cdn-cachedat: 09/03/2022 05:37:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 651df2f378800bfc68a5af66779544b9
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 865db19c39146da9-MIA
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/ 7 KB
3 KB 117ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1624799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2382
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aVATOZK1n6CL9ejKbJeXThc12Zd0%2B%2FO6d0ZMZ72IQqbCh%2FuupwVlYpRgmM43RCaCsGi06pq4UOokMPYnrVT7miJRHiSW1c1XW0GuVsHethOq84ZLzldxw4YRkYFqZtuJ45Hv7%2FSYA9sz7Rwot4F%2BmrH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 865db19c3c450331-MIA
expires: Fri, 07 Mar 2025 14:32:41 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 5 KB
3 KB 114ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 505669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2092
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGSVgT6EQ%2Ft6BacJkwXqbA0vO30KQtjTjVyXitdr9kietm9ee2DzcScqsQpkLzsQSLY%2FItqyHOJGm33smubQBJtVZQLYsUIYlY16fNwUAetqx68x2YFOBm9dmKy0MK9TS%2FxtdiGaWqfj4oBtC8AlzItS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 865db19c3c430331-MIA
expires: Fri, 07 Mar 2025 14:32:41 GMT

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 4 KB
2 KB 118ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.plugins.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 416211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1222
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-106c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivmbD%2B1ljPl3D0bI6Iko8cRDw1FBx0UA441f4uy8UQWqZ8MCJjwm%2FDRsIYwiLCwDuKcXj%2Bsqo0%2FTOloW6cR%2BAnRL%2FNYskX2%2FnKrmmTJuPIMCkvHkRwzgbeBaIsd%2FYLSAkKHufk%2B7owVrf0MD9iHJ8qv0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 865db19c3c3f0331-MIA
expires: Fri, 07 Mar 2025 14:32:41 GMT

GET
H2 200 util.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 29 KB
9 KB 229ms
102ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/util.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9B5F) /

Resource Hash

240422c986046f61655378669aca9bc6e6369c8f7c2897c0c73f7313eac34fed

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 20:09:03 GMT
server: ECD (mic/9B5F)
age: 4866
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 9231
expires: Sun, 17 Mar 2024 18:32:41 GMT

GET
H2 200 validators.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 5 KB
2 KB 229ms
103ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/validators.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9ABE) /

Resource Hash

c7012dbe6534ccd46097b8756ffbbcc4d030429939edb882fbb29d48298ed30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 20:09:02 GMT
server: ECD (mic/9ABE)
age: 5929
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1489
expires: Sun, 17 Mar 2024 18:32:41 GMT

GET
H2 200 microsite.min.css
static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/styles/ 3 KB
1 KB 165ms
33ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/styles/microsite.min.css
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (mic/9AC6) /
Resource Hash: 3d17b798b45775e93e25293bba964ac616e1d2a8325173ed87ad9560233c117c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 20:19:01 GMT
server: ECD (mic/9AC6)
age: 131098
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1217
expires: Sun, 24 Mar 2024 14:32:41 GMT

GET
H2 200 formalColorFull.jpg
ac1.st8fm.com/associate-photos/3/3CG637N52GF/ 19 KB
19 KB 295ms
161ms Image
image/jpeg 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ac1.st8fm.com/associate-photos/3/3CG637N52GF/formalColorFull.jpg

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9CA0) /

Resource Hash

7e141940edac629e4ae6874de8b38f7fcf6dada672316ff70787f618ffd5aac1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
last-modified: Sat, 06 Jun 2020 05:19:00 GMT
server: ECD (dac/9CA0)
age: 4690
etag: "ace87cfcc13bd61:0"
x-frame-options: DENY
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 19284

GET
H2 200 stand-alone-quote.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 17 KB
6 KB 34ms
33ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/stand-alone-quote.min.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AD1) /

Resource Hash

8a5d94461dfc45efc41660ba3a79c6c1972c068ee0a8db506789a943be035644

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 20:09:02 GMT
server: ECD (mic/9AD1)
age: 6436
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 5611
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 StateFarmisThere_en_desktop.png
static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 17 KB
17 KB 166ms
34ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/StateFarmisThere_en_desktop.png
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (mic/9AAA) /
Resource Hash: 746164f668cd2513526e7b3bc8bc14c980c03fb967b4015f898164a89da8e70a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
last-modified: Thu, 28 Apr 2022 20:22:21 GMT
server: ECD (mic/9AAA)
age: 325493
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17093
expires: Sun, 24 Mar 2024 14:32:41 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 229 KB
75 KB 237ms
102ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c8aa1aa4d64cf9bf0ae01f0f3dbbc72cc05a875c2f64e584797ca94e538c1a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76553
x-xss-protection: 0

GET
H2 200 cookie Show response
www.statefarm.com/agent/ 0
832 B 278ms
258ms Script
text/plain 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.statefarm.com/agent/cookie?associateID=3CG637N52GF&app=AMS

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 14:32:42 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: ECD (dac/9B85)
x-frame-options: DENY
content-language: en-US
x-vcap-request-id: fd3cf624-520d-4b0f-6d83-0bdb553c413d
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 jquery.mobile-1.2.0.min.js Show response
static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/scripts/ 111 KB
40 KB 34ms
34ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/scripts/jquery.mobile-1.2.0.min.js
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (mic/9AD0) /
Resource Hash: b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 20:19:01 GMT
server: ECD (mic/9AD0)
age: 131099
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 40312
expires: Sun, 24 Mar 2024 14:32:42 GMT

GET
H2 200 microsite.min.js Show response
static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/scripts/ 6 KB
2 KB 34ms
34ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/scripts/microsite.min.js
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (mic/9A8D) /
Resource Hash: 0e467a203a1984e939753bbf21aa397835218b20146787d3934a7e68d893bbd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 20:19:01 GMT
server: ECD (mic/9A8D)
age: 131099
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2052
expires: Sun, 24 Mar 2024 14:32:42 GMT

GET
H2 200 peachy-client Show response
mx-api.prod.mirus.io/ 65 KB
20 KB 342ms
72ms Script
text/html 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mx-api.prod.mirus.io/peachy-client

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: origin,accept-encoding
content-type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 219ms
84ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6195dc420a7c2f60abd30c9bc46985ac75ee25b6119ebc93028ed050926b0f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static2.st8fm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Mar 2024 14:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 12:39:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Mar 2024 14:32:41 GMT

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1710685961840
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1710685961840

1 KB
1 KB

61ms
60ms

XHR
application/json

52.20.217.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1710685961840

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Server

52.20.217.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-217-14.compute-1.amazonaws.com

Software

Resource Hash

e02eb606ded6520043bc4795767d9e835c8876bcbab78ea23d47533783f70146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v057-0a8c6bd7b.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 17 Mar 2024 14:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: 8THCv1wzS9g=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://quotemyinsuranceforsf.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 616
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v057-08a6808b8.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 17 Mar 2024 14:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: UVtL5BStTyQ=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1710685961840
access-control-allow-origin: https://quotemyinsuranceforsf.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 502 B
834 B 79ms
77ms Script
text/javascript 2600:9000:21da:800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Mon%20Jan%2029%2018:19:38%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fquotemyinsuranceforsf.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 7198a74556f1e71a5916e817880fa04110d3c1b71c92824a044fb14cd584ea65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
via: 1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 502
x-amz-cf-id: MqeWudNyUB78Ij8AylxdiG35hjD4RzynIFYN8jWpJ5DA3Rkd1tjeHQ==
expires: Sun, 17 Mar 2024 14:32:41 GMT

GET
H/1.1 200
OK oeu1710685962098r0.004535426044969704 Show response
tapi.optimizely.com/api/targeting/8421581994/8453960666/ 31 KB
2 KB 584ms
123ms XHR
application/json 2600:141b:1c00:238f::19f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/targeting/8421581994/8453960666/oeu1710685962098r0.004535426044969704
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:238f::19f0 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.15.12 / Express
Resource Hash: 00a735022a0585ebce6bbc8df6dd9a1c84ac4f539523c318b5606b09b642e070

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 17 Mar 2024 14:32:42 GMT
Content-Encoding: gzip
Server: nginx/1.15.12
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://quotemyinsuranceforsf.com
Cache-Control: max-age=1200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1616

GET
H/1.1 200
OK 8421581994 Show response
tapi.optimizely.com/api/js/odds/project/ 136 B
572 B 606ms
145ms XHR
application/json 2600:141b:1c00:238f::19f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/js/odds/project/8421581994?project=8421581994
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:238f::19f0 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.15.12 / Express
Resource Hash: 622bdc1a2e1caaa3a92328f0b8eca1bb08b10b7c55844c09f550bead407a65e4

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2024 14:32:42 GMT
Server: nginx/1.15.12
X-Uncacheable: WTF
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://quotemyinsuranceforsf.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 136
Expires: Sun, 17 Mar 2024 14:32:42 GMT

GET
H2 200 geo4.js Show response
cdn-pci.optimizely.com/js/ 310 B
749 B 63ms
62ms Script
application/javascript 104.106.227.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/geo4.js

Requested by

Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.227.229 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-106-227-229.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

e95c661fdae5b6f073bb02df4d2b6b7b8d7e88c3569d06287e340bcfe5425af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
x-amz-version-id: OAjfW2hsfUCB6ky0IKAo94yDIUDQOyvh
date: Sun, 17 Mar 2024 14:32:42 GMT
x-amz-request-id: G8M8HTX75NEEVHTB
x-amz-replication-status: COMPLETED
content-length: 310
x-amz-id-2: 3YNN7Hqlz42/ppyJfhjNot4T5fXg4/X9qxRkNPHnJt7QMkuMufWAYZQjxAL4hSPVchx5XPiu5qM=
server: AmazonS3
etag: "ab711da6d329d2f9dabaf111028b5243"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 StateFarmCommon.js Show response
static1.st8fm.com/en_US/b2c_dvts/common/js/lib/ 302 KB
171 KB 196ms
195ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B84) /

Resource Hash

102f9bb8a77daf9287cf65165cf0d35c0857d04affa2c0e9a3bbda0bcd5cb9da

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
server: ECD (dac/9B84)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600, immutable

GET
H2 200 ErrorPage.json Show response
static1.st8fm.com/en_US/errors/1/ 4 KB
879 B 189ms
189ms Script
application/json 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/errors/1/ErrorPage.json?callback=jQuery32102239555524749164_1710685962681&_=1710685962682

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 13:13:01 GMT
server: ECD (dac/9B85)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
x-cnection: close
accept-ranges: bytes
content-length: 636
expires: Sun, 17 Mar 2024 14:32:42 GMT

GET
H2 200 a8367280580.html Show response
a8367280580.cdn-pci.optimizely.com/client_storage/ Frame 425F 2 KB
1 KB 222ms
62ms Document
text/html 104.106.226.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html

Requested by

Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.226.153 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-106-226-153.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

56cb81b020021098e18c791a1c89c16860425a190326fe8dc676d39bf992e5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 834
content-type: text/html; charset=utf-8
date: Sun, 17 Mar 2024 14:32:43 GMT
etag: "1a6056d7ae7cc0aaf3c86fd09853f1e4"
last-modified: Fri, 15 Mar 2024 13:45:05 GMT
server: AmazonS3
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: +ZH+xAApUEQhXcRZ3+LY01N4Q9l6f1+smnWlTxRPFJVFNCyXddHoGSRfp8fv0jar+cDm6xS4WRQ=
x-amz-meta-pci_enabled: True
x-amz-replication-status: COMPLETED
x-amz-request-id: A913NDWW3PMBF5NR
x-amz-server-side-encryption: AES256
x-amz-version-id: H5fSPKsqwILB9sUEDH0ZOPbrqbJOayB6

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 217ms
90ms XHR
application/json 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://quotemyinsuranceforsf.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 social_media_icons.png
static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/ 6 KB
6 KB 34ms
33ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/social_media_icons.png
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/styles/microsite.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (mic/9AAA) /
Resource Hash: 89d9a08ed4bd71f312ebb4e119de4fbec2413c382cf0370640fac3eb3b1d318f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static1.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-193/styles/microsite.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 29 Aug 2023 15:31:26 GMT
server: ECD (mic/9AAA)
age: 325490
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6505
expires: Sun, 24 Mar 2024 14:32:42 GMT

GET
H2 200 chevron.svg
static2.st8fm.com/en_US/dxl-1x/prod/css/images/core/ 5 KB
1 KB 35ms
34ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/images/core/chevron.svg

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AD1) /

Resource Hash

cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:47:38 GMT
server: ECD (mic/9AD1)
age: 11576
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1357
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 MecherleSans-Regular.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 135ms
33ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Regular.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9A9F) /

Resource Hash

891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 05 Mar 2024 16:46:59 GMT
server: ECD (mic/9A9F)
age: 10363
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 31948
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 MecherleSans-Medium.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 198ms
96ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Medium.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AC6) /

Resource Hash

befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 05 Mar 2024 16:47:09 GMT
server: ECD (mic/9AC6)
age: 10333
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32200
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 201ms
99ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-SemiBold.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AD1) /

Resource Hash

d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 05 Mar 2024 16:46:58 GMT
server: ECD (mic/9AD1)
age: 11132
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32208
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 MecherleSans-Bold.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 135ms
34ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Bold.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9A8D) /

Resource Hash

d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 05 Mar 2024 16:46:59 GMT
server: ECD (mic/9A8D)
age: 7213
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 31812
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 MecherleLegal-Regular.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 32 KB
32 KB 136ms
35ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleLegal-Regular.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AFB) /

Resource Hash

ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 05 Mar 2024 16:47:02 GMT
server: ECD (mic/9AFB)
age: 5345
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32844
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 01D2 7 KB
3 KB 82ms
65ms Document
text/html 52.20.217.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.20.217.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-217-14.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 17 Mar 2024 14:32:42 GMT
dcs: dcs-prod-va6-2-v057-0f5ae32c2.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 6 Mar 2024 14:53:37 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: ta+ChNYcSoU=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
472 B 218ms
65ms XHR
application/x-javascript 63.140.39.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=69860601109228109141558237834837256200&ts=1710685962766

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.224 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-224.data.adobedc.net

Software

jag /

Resource Hash

74eefe809598f1c6ac0aecd28324e766a74fa5feac03911362c2edd60cd292b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://quotemyinsuranceforsf.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=Zfb-CwAAAB-p4QNP
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=77236089188427566062180662260994778068
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfb-CwAAAB-p4QNP

42 B
716 B

61ms
60ms

Image
image/gif

52.20.217.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfb-CwAAAB-p4QNP

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Server

52.20.217.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-217-14.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v057-0fb543d7e.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: tX5z5u9AThw=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zfb-CwAAAB-p4QNP
Date: Sun, 17 Mar 2024 14:32:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 navigation-footer-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/ 580 B
543 B 134ms
34ms XHR
text/html 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/navigation-footer-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AD2) /

Resource Hash

3557e45ea7f0fdf592ba4a65987e40bd1a0c193113dfb9a2e049e52bbd046915

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: text/html, */*; q=0.01
Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 19:50:01 GMT
server: ECD (mic/9AD2)
age: 8692
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 346
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 navigation-header-unauth-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/header/ 6 KB
2 KB 133ms
35ms XHR
text/html 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/header/navigation-header-unauth-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9ABE) /

Resource Hash

b61a02f07e674f75d5791e3626019e1b7ab55de6ce932ab58a987e79748cb913

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: text/html, */*; q=0.01
Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 19:50:01 GMT
server: ECD (mic/9ABE)
age: 8692
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1604
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 MecherleSans-RegularItalic.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 33 KB
33 KB 111ms
100ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-RegularItalic.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9B38) /

Resource Hash

1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
last-modified: Tue, 05 Mar 2024 16:47:00 GMT
server: ECD (mic/9B38)
age: 12375
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 34016
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 chat_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 565 B
387 B 127ms
39ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/chat_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9A9F) /

Resource Hash

980c9d8469c5132d294a0b1b877fbd353decdf9ae788c659bbbd07eb0e793136

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:52:11 GMT
server: ECD (mic/9A9F)
age: 8692
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 308
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 phone_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 405 B
344 B 123ms
36ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/phone_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9ABE) /

Resource Hash

52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:30 GMT
server: ECD (mic/9ABE)
age: 8692
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 278
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 email_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 251 B
284 B 123ms
37ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/email_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9A8D) /

Resource Hash

b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:55 GMT
server: ECD (mic/9A8D)
age: 8692
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 206
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 payment_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 702 B
529 B 120ms
36ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/payment_32.svg
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (mic/9AAA) /
Resource Hash: 59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:03 GMT
server: ECD (mic/9AAA)
age: 8674
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-cnection: close
accept-ranges: bytes
content-length: 425
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H2 200 id_card_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 468 B
355 B 121ms
38ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/id_card_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AC6) /

Resource Hash

de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:50:58 GMT
server: ECD (mic/9AC6)
age: 8652
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 276
expires: Sun, 17 Mar 2024 18:32:42 GMT

GET
H3 200 12257c8a4a807d44ed80a82b4e589f9f.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 167 KB
49 KB 66ms
65ms Script
application/javascript 2600:9000:21da:800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/12257c8a4a807d44ed80a82b4e589f9f.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21da:800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9e49636ee5aabc460535e081b27350dee3fe983d5744efe9183c08221a752bf3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 12:38:20 GMT
x-amz-version-id: XC_6BJKw7fCWMDIwa9LyITCebTEGgi2r
content-encoding: gzip
via: 1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront)
age: 438864
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 18:19:40 GMT
server: CloudFront
etag: W/"bc67529ee2db502478d45e4b441acd1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: fiOuDfUK5SdqaZB2X_DdNrF4_Dj5h667tVwlPtZ0ZSQAgTLqdcRpjw==

GET
H3 200 329fbdab9636170eedfc1422b36a9201.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 67ms
66ms Script
application/javascript 2600:9000:21da:800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/329fbdab9636170eedfc1422b36a9201.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21da:800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 12:29:18 GMT
x-amz-version-id: OuUtqcbhtGGaOSf08MnJmyHMdVrlO6kx
content-encoding: br
via: 1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront)
age: 439406
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Sep 2023 18:39:58 GMT
server: CloudFront
etag: W/"8a23a755163613af04888609d47b4180"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 4kiJa_mvBYDzUHjZiZMXAdAMXnl0GJ4L_UZ8L_eTX_D8VXuf5viRdQ==

GET
H3 200 490ca4ccefe20cf502ab771ba0b689e4.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 68ms
67ms Script
application/javascript 2600:9000:21da:800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/490ca4ccefe20cf502ab771ba0b689e4.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21da:800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 12:38:20 GMT
x-amz-version-id: GXEkxy20k_QHgRk9R9sJLzPLYY9n6IMi
content-encoding: gzip
via: 1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront)
age: 438864
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Sep 2023 18:39:58 GMT
server: CloudFront
etag: W/"513d0d3858eefa5cd26ba48fe9d67289"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: -vjnsZpY5C0JYmTAiFRMsE7DpOJvPpjDZYGruGryO2Bvk58UHZ0Ozw==

GET
H2 200 8421581994.js Show response
cdn-pci.optimizely.com/js/ 653 KB
139 KB 63ms
62ms Script
text/javascript 104.106.227.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/8421581994.js

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.227.229 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-106-227-229.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c33575068c9b9ecb692e4584014b82bd45f5c9dc7c45d4dd6a78a0967c8ee902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: 2UEVUrtCEXBBp3orP_vH47jt_.ltcZ4N
content-encoding: gzip
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: KM8AJN26K3H9AM2H
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 47020
x-amz-replication-status: PENDING
content-length: 141879
x-amz-id-2: bwhMHqW64OB3Q5BvCqQhQFuEOaGC5BCmVpsssrRKEsSP+H+W0u6fRKl+MQoRxkskpx/DWI+48hU=
last-modified: Fri, 15 Mar 2024 13:45:41 GMT
server: AmazonS3
etag: "b15b5ae964cff2ebff3acf20ba3fac49"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 state-farm-logo-4.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 9 KB
3 KB 35ms
33ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-4.svg

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AD2) /

Resource Hash

c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:43 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:49:33 GMT
server: ECD (mic/9AD2)
age: 8695
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 3308
expires: Sun, 17 Mar 2024 18:32:43 GMT

GET
H2 200 state-farm-logo-5.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 3 KB
1 KB 36ms
35ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-5.svg

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (mic/9AFB) /

Resource Hash

af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:43 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 16:49:30 GMT
server: ECD (mic/9AFB)
age: 8695
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1290
expires: Sun, 17 Mar 2024 18:32:43 GMT

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
488 B 149ms
54ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Mar 2024 14:32:42 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://quotemyinsuranceforsf.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: bd5b7e7e-e988-4ac6-99c6-36c124026c62

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ibs:dpid=771&dpuuid=CAESEORfuWRwgLwbzQwrOfd4mkg&google_cver=1
dpm.demdex.net/ Frame 01D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzcyMzYwODkxODg0Mjc1NjYwNjIxODA2NjIyNjA5OTQ3NzgwNjg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzcyMzYwODkxODg0Mjc1NjYwNjIxODA2NjIyNjA5OTQ3NzgwNjg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEORfuWRwgLwbzQwrOfd4mkg&google_cver=1?gdpr=0&gdpr_consent=

42 B
716 B

61ms
61ms

Image
image/gif

52.20.217.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEORfuWRwgLwbzQwrOfd4mkg&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Server

52.20.217.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-217-14.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v057-05a92fd0c.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wpuHMRc8QNw=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 14:32:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEORfuWRwgLwbzQwrOfd4mkg&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
deel-id-persistence.deel.c1.statefarm/ Frame 153E 3 KB
3 KB 210ms
64ms Document
text/html 18.164.96.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deel-id-persistence.deel.c1.statefarm/
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/code/12257c8a4a807d44ed80a82b4e589f9f.js?conditionId0=423109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-67.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f98a4c138afc4ae03b27be67c3b28d7eceba1a39d24172435cc42bf8d69bbc3

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 29
content-length: 3035
content-type: text/html
date: Sun, 17 Mar 2024 14:32:15 GMT
etag: "45d943eb64607c99f5d8d58630fb1671"
last-modified: Thu, 02 Nov 2023 21:09:28 GMT
server: AmazonS3
via: 1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-id: smj7xWirEyMdn_GgRXBN4IzZf1kGbM6GxPDbxQJxN-UZSPNa56MYZQ==
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: abtjwofczkcDM4qoegTsPxLtV0ZLkh8G
x-cache: Hit from cloudfront

GET
H2

200

ibs:dpid=903&dpuuid=d1b51ad8-474d-4691-b811-e661e95c5914
dpm.demdex.net/ Frame 01D2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quotemyinsuranceforsf.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quotemyinsuranceforsf.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d1b51ad8-474d-4691-b811-e661e95c5914

42 B
716 B

61ms
61ms

Image
image/gif

52.20.217.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=d1b51ad8-474d-4691-b811-e661e95c5914

Protocol

Server

52.20.217.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-217-14.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v057-026942687.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 6U652x4RT2g=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=d1b51ad8-474d-4691-b811-e661e95c5914
date: Sun, 17 Mar 2024 14:32:43 GMT
server: Kestrel
content-length: 189

GET
H2

200

ibs:dpid=30646
dpm.demdex.net/ Frame 01D2
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77236089188427566062180662260994778068&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=77236089188427566062180662260994778068&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-7h82n0JE2pF4OKPjGh0.GFIrKTwJi9VFibw-~A

42 B
716 B

61ms
61ms

Image
image/gif

52.20.217.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-7h82n0JE2pF4OKPjGh0.GFIrKTwJi9VFibw-~A

Protocol

Server

52.20.217.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-217-14.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v057-067f05d0f.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: JPRh7w37Qkc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-7h82n0JE2pF4OKPjGh0.GFIrKTwJi9VFibw-~A
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.106
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
BLOB 200
OK 9a8a9980-c533-4f09-a4f8-82ba47c3b8d3
https://quotemyinsuranceforsf.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://quotemyinsuranceforsf.com/9a8a9980-c533-4f09-a4f8-82ba47c3b8d3
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame 0
0 221ms
70ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://quotemyinsuranceforsf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://quotemyinsuranceforsf.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/null/events/ 66 B
318 B 76ms
76ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

33ee9bf477e66d583ebff15fa90e0a25c8c62172a9f1689acc4cf4dbb3d2be69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
keen-sdk: javascript-5.0.1
accept-language: en-US,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://quotemyinsuranceforsf.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 66

GET
H2 200 v2
usermatch.krxd.net/um/ Frame 01D2 2 B
82 B 226ms
58ms Image
application/json 54.209.138.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=adobe&id=77236089188427566062180662260994778068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.138.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-138-236.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:43 GMT
server: awselb/2.0
content-length: 2
content-type: application/json; charset=utf-8

GET
H2 200 s61083121282022 Show response
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 953 B
1 KB 76ms
75ms Script
application/x-javascript 63.140.39.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s61083121282022?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=17%2F2%2F2024%204%3A32%3A43%200%20600&d.&nsid=0&jsonv=1&.d&D=..&mid=69860601109228109141558237834837256200&aamlh=7&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-v%3A3cg637n52gf&g=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&ch=sf%3Aus%3Aagent-micro-v&server=quotemyinsuranceforsf.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-v%3A3cg637n52gf&h1=home%7Cagent-micro-v%7C3cg637n52gf&c4=sf%3Aagent-micro-v%3A3cg637n52gf&v6=quotemyinsuranceforsf.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=sunday%7C8%3A30am&c50=true%3Blimited&v50=3%2F17%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F122.0.6261.128%20safari%2F537.36&c70=en-us&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.224 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-224.data.adobedc.net

Software

jag /

Resource Hash

8b547e09d2c6dbb35ad135bfc21512609d8d3c1c6430a5ba359dc86c1e7747c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-aam-tid: 7ArGxiF7Sks=
date: Sun, 17 Mar 2024 14:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 953
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v057-0ad84ce7a.edge-va6.demdex.com 4 ms
pragma: no-cache
last-modified: Mon, 18 Mar 2024 14:32:43 GMT
server: jag
etag: 3673670132882767872-4617864385447446321
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 16 Mar 2024 14:32:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 517 KB
106 KB 231ms
94ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fba348784272da84b5bef9f2e901f4dea5dad7f9fb475c3028ed4951133ad20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107740
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Mar 2024 14:32:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 97ms
95ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbe023e0218400144ae129dab010f035319c6e678de801fd54cd5ef79f892ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Mar 2024 14:32:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 215ms
66ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Mar 2024 14:32:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=12, mss=1294, tbw=2795, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: BKPDZYLyFz41PG9QkLqo8oK19tRSKTLs057LSVDUCx2suOSfizaSnyQu6j5iVIDseTX6BT9VHbdC2eCha/SAUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 299ms
70ms Script
application/javascript 2600:141b:1c00:4a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:4a3::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "d9d39f44b74d00726ec92710f4e4c69c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1856

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 9 KB
4 KB 207ms
60ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 19:10:28 GMT
Content-Encoding: gzip
Via: 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C3
Age: 69738
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: BD_0SDAex2nnuCHJmaMptOWBjO9nMWfpmkWLLTPbyypatW9ImLYsQQ==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 44 KB
19 KB 247ms
101ms Script
application/javascript 18.238.74.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: quotemyinsuranceforsf.com
URL: https://quotemyinsuranceforsf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.74.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-74-246.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:45 GMT
content-encoding: gzip
via: 1.1 a8894be3cc09919d8cad0be355a10772.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19117
x-amz-cf-id: 40-vc4qa-75Qj5v7y7I7auhOheAweotTvMhnTryt3fYbMhYr4pmsjg==

POST
H2 204 collect
analytics.google.com/g/ 0
261 B 131ms
46ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je43d0v9178161793z8849799669za200&_p=1710685965082&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2056170508.1710685966&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710685965&sct=1&seg=0&dl=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&dt=Nick%20Christenson%20-%20State%20Farm%20Insurance%20Agent%20in%20Detroit%20Lakes%2C%20MN&en=page_view&_fv=1&_nsi=1&_ss=1&ep.microsite_name=sf%3Aus%3Aagent-micro-v%3A3cg637n52gf&tfd=4653
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 14:32:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quotemyinsuranceforsf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 185ms
66ms Ping
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3WRNTYXP84&cid=2056170508.1710685966&gtm=45je43d0v9178161793z8849799669za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 14:32:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://quotemyinsuranceforsf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9CDC 1 KB
1 KB 64ms
61ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 9f2a8229b65187cca5e245e7863e1e808b91c9154d80c7b5d4dbb6f3b3b58ef5

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 17 Mar 2024 14:32:45 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame ACD7 1 KB
1 KB 60ms
59ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&upid=9nilek2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 1c54c12bfe8ebd485cb521f6effa0c29e578b2795897f8f124267b64ea9dfeed

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 17 Mar 2024 14:32:45 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.js Show response
tr.snapchat.com/config/com/ 185 B
471 B 241ms
145ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.js?v=3.12.0-2402271815

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

1e3cfae47ae2ecc99fa0948697fc696441882587a38c1e941e290cc2dbe7d64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
Origin: https://quotemyinsuranceforsf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://quotemyinsuranceforsf.com
x-envoy-upstream-service-time: 35
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 06AC 672 B
1 KB 173ms
91ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=37065b37-405a-4daa-9b4f-78798a672160&u_sclid=b836ac09-36c3-4983-8a08-7a25bb9d3fd5

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sun, 17 Mar 2024 14:32:45 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame ACD7 488 B
1003 B 61ms
60ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&upid=9nilek2&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 00:53:57 GMT
Via: 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C3
Age: 49129
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: nyW_yIUGZGW2ib13NJO5ZFw92CEbozxeiNb69I4xbIXftv2Ady-uug==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 9CDC 488 B
1003 B 119ms
60ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&upid=t8xbszz&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 00:53:57 GMT
Via: 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C3
Age: 49129
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: Wm9RW64T4Il77hM47ziQl2_78-SzZeFJZirqCwtl7MBvgXMmKvptxw==

GET
H2 200 main.cb6ceab7.js Show response
s.pinimg.com/ct/lib/ 64 KB
18 KB 75ms
74ms Script
application/javascript 2600:141b:1c00:4a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:4a3::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3b4f2e1b70a9ab8aef23d65cc1b072b5eb6eba4979f6575c64771256e260409d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "df5cf5cb5de352dc30a944e95eca73e1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18542

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 4783
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dd1b51ad8-474d-4691-b811-e661e95c5914
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2342784395741694267&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914

70 B
518 B

59ms
58ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2342784395741694267&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 17 Mar 2024 14:32:46 GMT
server: Kestrel

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 52664a85-9dc0-4ea2-9930-f94d7f98d9ce
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 17 Mar 2024 14:32:46 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2342784395741694267&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 38.132.118.70; 38.132.118.70; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 4BFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDFiNTFhZDgtNDc0ZC00NjkxLWI4MTEtZTY2MWU5NWM1OTE0&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1

70 B
492 B

63ms
62ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 17 Mar 2024 14:32:45 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 14:32:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 0E98
Redirect Chain

https://hb.yahoo.net/cksync.php?cs=3&type=55953&gdpr=%24%7bGDPR%7d&gdpr_consent=%24%7bGDPR_CONSENT%7d&gpp=%24%7bGPP_STRING%7d&gpp_sid=%24%7bGPP_SID%7d&ovsid=rightmedia&redirect=https%3a%2f%2fmatch....
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia

70 B
518 B

59ms
58ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 17 Mar 2024 14:32:46 GMT
server: Kestrel

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 154
content-type: text/html
date: Sun, 17 Mar 2024 14:32:46 GMT
expires: Sun, 17 Mar 2024 14:32:46 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

GET
H2 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 37 KB
8 KB 1877ms
1876ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.150&r=stable&domain=quotemyinsuranceforsf.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cb09b9f95f9e00d20b8721cfd6ba6ffb1e717c23cfca881e3349db3e05832a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Mar 2024 14:32:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=71, rtx=0, c=65, mss=1294, tbw=62765, tp=-1, tpl=-1, uplat=1805, ullat=0
pragma: public
x-fb-debug: 6DCj3RCjzipcztn5wHo6QjB2G/xrgwqsgBBIbQr5bVHJva/sg7PGn1kd/J0U7jwcFo26aYPzYYjScq0MkMLZaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
624 B 142ms
63ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1710685965915&dep=2%2CPAGE_LOAD
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:46 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1256106058911294
content-length: 174
pin-unauth: dWlkPU9UTTNaalJpWWpRdE1URTJaUzAwTmpRNUxXSmpZalV0T0RWaU5qVTNZakUwTnpBeA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://quotemyinsuranceforsf.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 012230f5a5e8e5b53238cdc0127be7a9bd59fe3b
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 144ms
69ms Fetch
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fquotemyinsuranceforsf.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22cb6ceab7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1710685965919
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 14:32:46 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://quotemyinsuranceforsf.com
pinterest-version: 012230f5a5e8e5b53238cdc0127be7a9bd59fe3b
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8283502542447448
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 28B6
Redirect Chain

https://hb.yahoo.net/cksync.php?cs=3&type=55953&gdpr=%24%7bGDPR%7d&gdpr_consent=%24%7bGDPR_CONSENT%7d&gpp=%24%7bGPP_STRING%7d&gpp_sid=%24%7bGPP_SID%7d&ovsid=rightmedia&redirect=https%3a%2f%2fmatch....
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia

70 B
492 B

59ms
58ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 17 Mar 2024 14:32:46 GMT
server: Kestrel

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 154
content-type: text/html
date: Sun, 17 Mar 2024 14:32:46 GMT
expires: Sun, 17 Mar 2024 14:32:46 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame C3B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDFiNTFhZDgtNDc0ZC00NjkxLWI4MTEtZTY2MWU5NWM1OTE0&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1

70 B
492 B

62ms
62ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 17 Mar 2024 14:32:46 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 14:32:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1b51ad8-474d-4691-b811-e661e95c5914&google_gid=CAESEEXI3pEnAxRnWwMQ51ky0ho&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame F874
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d1b51ad8-474d-4691-b811-e661e95c5914&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
492 B

59ms
58ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 17 Mar 2024 14:32:46 GMT
server: Kestrel

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 772cc9037cd6dc6f19451a098a1a8570
content-length: 0

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 06AC 44 KB
19 KB 70ms
69ms Script
application/javascript 18.238.74.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=37065b37-405a-4daa-9b4f-78798a672160&u_sclid=b836ac09-36c3-4983-8a08-7a25bb9d3fd5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.74.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-74-246.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 18:30:02 GMT
content-encoding: gzip
via: 1.1 a8894be3cc09919d8cad0be355a10772.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
age: 72163
etag: b9bd00ec73544025b937f4253ff9de4c
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 19117
x-amz-cf-id: 6SyXG-sfcLFL6qqJpIQrDAH0HRuCQagmTrUhUm-0AJXHdt2xwr7RuQ==

POST
H2 200 p
tr.snapchat.com/ 0
102 B 91ms
90ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Mar 2024 14:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://quotemyinsuranceforsf.com
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame E2D8
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1710685966050&u_scsid=2145a5fd-9d67-410a-a7bf-81798dd58a23&u_sclid=a68feb0a-f446-49cd-a18e-fe1f34c32729
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710540449961%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710540449961%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1710540449961&pnid=140&pcid=08f2fb6b-d392-44e3-ad3d-3fc468f36616

0
18 B

91ms
90ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1710540449961&pnid=140&pcid=08f2fb6b-d392-44e3-ad3d-3fc468f36616

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Sun, 17 Mar 2024 14:32:46 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 2

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 17 Mar 2024 14:32:46 GMT
location: https://tr.snapchat.com/cm/p?rand=1710540449961&pnid=140&pcid=08f2fb6b-d392-44e3-ad3d-3fc468f36616
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 35ms
30ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3afda3a545f4af46f87af3efd62d036c7b950df588a444bd9464191236e79922

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 14:32:46 GMT
x-cdn: fastly
age: 4202
etag: "e5a433af03b04b75eb9e68dadd108a70"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4044

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame DD3C 565 B
405 B 70ms
65ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://quotemyinsuranceforsf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 17 Mar 2024 14:32:46 GMT
pinterest-version: 012230f5a5e8e5b53238cdc0127be7a9bd59fe3b
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4673132511826583

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 102ms
90ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Mar 2024 14:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 p
tr.snapchat.com/ 0
17 B 89ms
88ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://quotemyinsuranceforsf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Mar 2024 14:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://quotemyinsuranceforsf.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 common.js
maps.googleapis.com/maps-api-v3/api/js/55/11a/ 255 KB
55 KB 91ms
89ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/11a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56697
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 12:51:21 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/11a/ 181 KB
56 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/11a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9d8028f36453616e3ef0ff9190b678b8bc5dfb2b5da1156b415cb013c1c3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quotemyinsuranceforsf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:02:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56965
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:02:07 GMT

GET 1936962093151750
connect.facebook.net/signals/config/ 0
0

GET /
www.facebook.com/tr/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1936962093151750?v=2.9.150&r=stable&domain=quotemyinsuranceforsf.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C173%2C175%2C108%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C210%2C147%2C106%2C128%2C121%2C109

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fquotemyinsuranceforsf.com%2F&rl=&if=false&ts=1710685967787&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4124&fbp=fb.1.1710685967786.1637969600&ler=empty&cdl=API_unavailable&it=1710685965888&coo=false&rqm=GET

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: State Farm (Insurance)

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 19:12:52	Name: X-AB Value: b9bd00ec73544025b937f4253ff9de4c
quotemyinsuranceforsf.com/	1970-01-20 19:12:52	Name: __cheesecrd_version Value: master
.quotemyinsuranceforsf.com/	1970-01-21 04:47:25	Name: optimizelyEndUserId Value: oeu1710685962098r0.004535426044969704
.demdex.net/	1970-01-20 23:30:37	Name: demdex Value: 77236089188427566062180662260994778068
.quotemyinsuranceforsf.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.statefarm.com/	1970-01-21 04:47:25	Name: s_ecid Value: MCMID%7C69860601109228109141558237834837256200
.everesttech.net/	1970-01-21 03:57:01	Name: everest_g_v2 Value: g_surferid~Zfb-CwAAAB-p4QNP
.dpm.demdex.net/	1970-01-20 23:30:37	Name: dpm Value: 77236089188427566062180662260994778068
.quotemyinsuranceforsf.com/	1970-01-21 04:47:25	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19800%7CMCMID%7C69860601109228109141558237834837256200%7CMCAAMLH-1711290762%7C7%7CMCAAMB-1711290762%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1710693163s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19807%7CvVersion%7C5.5.0
.quotemyinsuranceforsf.com/	1970-01-20 19:11:27	Name: s_gad Value: 1
.doubleclick.net/	1970-01-21 04:47:25	Name: IDE Value: AHWqTUkaYd3nKnYJuj_k_kXz9l0jiKFtIvIbLLOBvD6f9d2LaIQSEQLJdG6Qwd8xVDE
quotemyinsuranceforsf.com/	1970-01-21 03:57:01	Name: keen Value: {%22initialReferrer%22:null}
.adsrvr.org/	1970-01-21 03:57:01	Name: TDID Value: d1b51ad8-474d-4691-b811-e661e95c5914
.demdex.net/	1970-01-20 23:30:37	Name: dextp Value: 771-1-1710685963230\|903-1-1710685963423\|30646-1-1710685963552\|66757-1-1710685963670
.quotemyinsuranceforsf.com/	1970-01-20 19:11:27	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-v%3A3cg637n52gf
.quotemyinsuranceforsf.com/	1970-01-20 19:11:27	Name: s_pre_v6 Value: quotemyinsuranceforsf.com
.quotemyinsuranceforsf.com/	1970-01-20 19:11:27	Name: s_dl Value: 1
.quotemyinsuranceforsf.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.quotemyinsuranceforsf.com/	1970-01-21 04:47:25	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271710685963738%27%5D%5D
.quotemyinsuranceforsf.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fquotemyinsuranceforsf.com%2F%7Caowsv%3DNaN%7CentryProperty%3Dhttps%3A%2F%2Fquotemyinsuranceforsf.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-v%7Cs_prev_ch%3Dagent-micro-v%7Cs_prev_pn%3D3cg637n52gf%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-v%3A3cg637n52gf%7Cmc%3Ddirect%20load%7C
.quotemyinsuranceforsf.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.yahoo.com/	1970-01-21 03:57:23	Name: A3 Value: d=AQABBAv_9mUCEOkRsdWtw0E7NO44rQEOb5gFEgEBAQFQ-GUAZtxH0iMA_eMAAA&S=AQAAArjDWJzR4IqxPMDWtI78iS8
.analytics.yahoo.com/	1970-01-21 03:57:01	Name: IDSYNC Value: 19cu~2hce
.quotemyinsuranceforsf.com/	1970-01-20 23:30:37	Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C7
.quotemyinsuranceforsf.com/	1970-01-20 19:54:37	Name: aam_uuid Value: 77236089188427566062180662260994778068
deel-id-persistence.deel.c1.statefarm/	1969-12-31 23:59:59	Name: agentEntryProperty Value: https://quotemyinsuranceforsf.com/
deel-id-persistence.deel.c1.statefarm/	1969-12-31 23:59:59	Name: agentReferrer Value: undefined
deel-id-persistence.deel.c1.statefarm/	1969-12-31 23:59:59	Name: agentCMPIDevent Value: undefined
deel-id-persistence.deel.c1.statefarm/	1969-12-31 23:59:59	Name: fromAgentSite Value: quotemyinsuranceforsf.com
deel-id-persistence.deel.c1.statefarm/	1969-12-31 23:59:59	Name: agentOfficeCode Value: 23215c
.quotemyinsuranceforsf.com/	1970-01-20 21:21:01	Name: _gcl_au Value: 1.1.888465636.1710685965
.quotemyinsuranceforsf.com/	1970-01-21 04:47:25	Name: _ga_3WRNTYXP84 Value: GS1.1.1710685965.1.0.1710685965.60.0.0
.quotemyinsuranceforsf.com/	1970-01-21 04:47:25	Name: _ga Value: GA1.1.2056170508.1710685966
.quotemyinsuranceforsf.com/	1970-01-21 04:41:12	Name: _scid Value: ba789044-6582-4b94-b446-3a08bf8f085c
.quotemyinsuranceforsf.com/	1970-01-21 04:41:12	Name: _scid_r Value: ba789044-6582-4b94-b446-3a08bf8f085c
.pinterest.com/	1970-01-21 03:57:01	Name: ar_debug Value: 1
.quotemyinsuranceforsf.com/	1970-01-21 03:57:01	Name: _pin_unauth Value: dWlkPU9UTTNaalJpWWpRdE1URTJaUzAwTmpRNUxXSmpZalV0T0RWaU5qVTNZakUwTnpBeA
.adnxs.com/	1970-01-20 21:21:01	Name: XANDR_PANID Value: t6xeufS9AIpbU94ms31Diye0xpucZ7zReG8OcPBvTdAf16yRs69xWeA80TM0nLjT0UcgsQDHkkZ5GahZo_NaMX33qudlOElqbSQuLFR1Xkg.
.adnxs.com/	1970-01-21 04:47:25	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:21:01	Name: uuid2 Value: 2342784395741694267
.rubiconproject.com/	1970-01-21 03:57:01	Name: khaos Value: LTVM97A8-22-8Q09
.rubiconproject.com/	1970-01-21 03:57:01	Name: audit Value: 1\|qEnTL2aCiGs0lIA/dYb2r9dRkmJtKXgS5bE3xqE3PXmbz16xSA9sXZCc//a1b+9A+Cdc+bx8wbKM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLvsdq8AdZf8pJXovQ4gK4NW7/IEioWC7szuIVI40gZe68rGRiDIsemIONvkwZWUEatbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.snapchat.com/	1970-01-21 04:33:01	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQcOsQ0m0MUafI8P32Xte3sHq/VrxgnGyroW1eWRkipTygP5jwyLEizq/+AU5hRGxAAAAA
.hb.yahoo.net/	1970-01-20 19:31:35	Name: data-ttd Value: rightmedia~~3
.hb.yahoo.net/	1970-01-20 23:30:37	Name: visitor-id Value: 3536875661523842000V10
.tapad.com/	1970-01-20 20:37:49	Name: TapAd_TS Value: 1710685966257
.tapad.com/	1970-01-20 20:37:49	Name: TapAd_DID Value: 08f2fb6b-d392-44e3-ad3d-3fc468f36616
.adsrvr.org/	1970-01-21 03:57:01	Name: TDCPM Value: CAESEgoDYWFtEgsI3IPLvaSm4zwQBRIZCgpyaWdodG1lZGlhEgsI9Jzp0aSm4zwQBRIVCgZnb29nbGUSCwikxMbUpKbjPBAFEhYKB3J1Ymljb24SCwjC5unRpKbjPBAFEhcKCGFwcG5leHVzEgsI0KD11aSm4zwQBRgFIAMoAzILCPzr6_66puM8EAVCDyINCAESCQoFdGllcjEQAVoHM2RhdmJwNGAB
.tapad.com/	1970-01-20 20:37:49	Name: TapAd_3WAY_SYNCS Value:
.quotemyinsuranceforsf.com/	1970-01-21 04:41:12	Name: _sctr Value: 1%7C1710669600000

145 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://quotemyinsuranceforsf.com/ Message: Refused to execute script from 'https://www.statefarm.com/agent/cookie?associateID=3CG637N52GF&app=AMS' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEDG0UyOAQAAxMucqsgE0ZYwiU4WfOx_uhFVIP0qQQOCIKqCL0yC5qgGYKVG&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://quotemyinsuranceforsf.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1673276772914128?v=2.9.150&r=stable&domain=quotemyinsuranceforsf.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 68) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8367280580.cdn-pci.optimizely.com
ac1.st8fm.com
ajax.googleapis.com
analytics.google.com
cdn-pci.optimizely.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
fonts.googleapis.com
hb.yahoo.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
logx.optimizely.com
maps.googleapis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mx-api.prod.mirus.io
nexus.ensighten.com
peachy.prod.mirus.io
pixel.rubiconproject.com
pixel.tapad.com
quotemyinsuranceforsf.com
s.pinimg.com
sc-static.net
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
static2.st8fm.com
stats.g.doubleclick.net
tapi.optimizely.com
tr.snapchat.com
tr6.snapchat.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
www.statefarm.com
connect.facebook.net
www.facebook.com
100.24.229.173
104.106.226.153
104.106.227.229
104.198.70.133
142.250.65.226
151.101.64.84
152.195.54.7
18.164.96.67
18.238.74.246
2001:4860:4802:34::181
23.46.156.26
2600:141b:1c00:238f::19f0
2600:141b:1c00:4a3::1931
2600:9000:21da:800:2:8f43:5780:93a1
2606:4700::6811:180e
2606:4700::6812:bcf
2607:f8b0:4004:c06::9c
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::200a
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2008
2a03:2880:f012:8:face:b00c:0:1
34.111.113.62
34.111.140.246
34.200.65.202
34.69.219.172
35.190.43.134
52.20.217.14
52.223.40.198
54.209.138.236
54.230.160.114
63.140.39.224
68.67.160.132
8.43.72.97
00a735022a0585ebce6bbc8df6dd9a1c84ac4f539523c318b5606b09b642e070
02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c
0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3
0e467a203a1984e939753bbf21aa397835218b20146787d3934a7e68d893bbd4
102f9bb8a77daf9287cf65165cf0d35c0857d04affa2c0e9a3bbda0bcd5cb9da
1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600
1c54c12bfe8ebd485cb521f6effa0c29e578b2795897f8f124267b64ea9dfeed
1e3cfae47ae2ecc99fa0948697fc696441882587a38c1e941e290cc2dbe7d64c
1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1f98a4c138afc4ae03b27be67c3b28d7eceba1a39d24172435cc42bf8d69bbc3
1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128
240422c986046f61655378669aca9bc6e6369c8f7c2897c0c73f7313eac34fed
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
33ee9bf477e66d583ebff15fa90e0a25c8c62172a9f1689acc4cf4dbb3d2be69
3557e45ea7f0fdf592ba4a65987e40bd1a0c193113dfb9a2e049e52bbd046915
3afda3a545f4af46f87af3efd62d036c7b950df588a444bd9464191236e79922
3b4f2e1b70a9ab8aef23d65cc1b072b5eb6eba4979f6575c64771256e260409d
3d17b798b45775e93e25293bba964ac616e1d2a8325173ed87ad9560233c117c
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5
56cb81b020021098e18c791a1c89c16860425a190326fe8dc676d39bf992e5aa
59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c
5c2e932d0dded3aa6c2c4b2faf8f1b53da7b6e27dc20212d27b58b658749b0f1
5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81
6195dc420a7c2f60abd30c9bc46985ac75ee25b6119ebc93028ed050926b0f71
622bdc1a2e1caaa3a92328f0b8eca1bb08b10b7c55844c09f550bead407a65e4
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa
6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7
7198a74556f1e71a5916e817880fa04110d3c1b71c92824a044fb14cd584ea65
746164f668cd2513526e7b3bc8bc14c980c03fb967b4015f898164a89da8e70a
74eefe809598f1c6ac0aecd28324e766a74fa5feac03911362c2edd60cd292b3
785b6692d256f8286db7fff9d1e8caf87508b8e25721ac968bf5626eb3e82dbe
7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e141940edac629e4ae6874de8b38f7fcf6dada672316ff70787f618ffd5aac1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
89d9a08ed4bd71f312ebb4e119de4fbec2413c382cf0370640fac3eb3b1d318f
8a5d94461dfc45efc41660ba3a79c6c1972c068ee0a8db506789a943be035644
8b547e09d2c6dbb35ad135bfc21512609d8d3c1c6430a5ba359dc86c1e7747c8
8cb09b9f95f9e00d20b8721cfd6ba6ffb1e717c23cfca881e3349db3e05832a9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
980c9d8469c5132d294a0b1b877fbd353decdf9ae788c659bbbd07eb0e793136
9d9d8028f36453616e3ef0ff9190b678b8bc5dfb2b5da1156b415cb013c1c3d8
9e49636ee5aabc460535e081b27350dee3fe983d5744efe9183c08221a752bf3
9f2a8229b65187cca5e245e7863e1e808b91c9154d80c7b5d4dbb6f3b3b58ef5
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484
b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d
b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be
b61a02f07e674f75d5791e3626019e1b7ab55de6ce932ab58a987e79748cb913
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c33575068c9b9ecb692e4584014b82bd45f5c9dc7c45d4dd6a78a0967c8ee902
c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f
c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26
c7012dbe6534ccd46097b8756ffbbcc4d030429939edb882fbb29d48298ed30f
c7a8e05d4949afeb8c828969bdfa49426bca3894cd0e017b18ee7636ae51089e
c8aa1aa4d64cf9bf0ae01f0f3dbbc72cc05a875c2f64e584797ca94e538c1a59
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949
d0b8b351c572fbb52ca58caef480ce6fb178ba217f672881ca69b8b1ba644f69
d80468d52be3755d4b9d48e8eedf633a03e802e9021776aef78b12fa74542208
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7
e02eb606ded6520043bc4795767d9e835c8876bcbab78ea23d47533783f70146
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48
e95c661fdae5b6f073bb02df4d2b6b7b8d7e88c3569d06287e340bcfe5425af8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f146eca74e3630da6d88b5d17a6bb1e8375aae1f56c0c61a5eccdda9aa0d52ad
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fba348784272da84b5bef9f2e901f4dea5dad7f9fb475c3028ed4951133ad20b
fbe023e0218400144ae129dab010f035319c6e678de801fd54cd5ef79f892ea5

quotemyinsuranceforsf.com Open in urlscan Pro 34.69.219.172 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

92 %HTTPS

35 %IPv6

28 Domains

43 Subdomains

28 IPs

1 Countries

1707 kBTransfer

5852 kBSize

50 Cookies

16 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

quotemyinsuranceforsf.com Open in urlscan Pro
34.69.219.172 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

92 %
HTTPS

35 %
IPv6

28
Domains

43
Subdomains

28
IPs

1
Countries

1707 kB
Transfer

5852 kB
Size

50
Cookies

105 HTTP transactions
1 data transactions