insurads.com Open in urlscan Pro
18.164.116.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://insurads.com/
Effective URL:
https://insurads.com/
Submission: On April 05 via manual (April 5th 2024, 6:22:11 pm UTC) from CA — Scanned from CA

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 20 domains to perform 51 HTTP transactions. The main IP is 18.164.116.9, located in United States and belongs to AMAZON-02, US. The main domain is insurads.com. The Cisco Umbrella rank of the primary domain is 17652.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 1st 2023. Valid for: a year.

This is the only time insurads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	18.164.116.9 18.164.116.9	16509 (AMAZON-02) (AMAZON-02)
2	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
2	142.251.40.170 142.251.40.170	15169 (GOOGLE) (GOOGLE)
1	13.107.213.40 13.107.213.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.35.168 142.251.35.168	15169 (GOOGLE) (GOOGLE)
1	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
10	142.250.176.206 142.250.176.206	15169 (GOOGLE) (GOOGLE)
1 7	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.164.110.14 18.164.110.14	16509 (AMAZON-02) (AMAZON-02)
1	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	13.225.214.25 13.225.214.25	16509 (AMAZON-02) (AMAZON-02)
2	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	3.219.94.105 3.219.94.105	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
51	23

11 18.164.116.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-9.jfk50.r.cloudfront.net

insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.64.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.107.21.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.110.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-110-14.jfk50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-25.ewr50.r.cloudfront.net

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.94.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-94-105.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.224.31.34 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	insurads.com insurads.com — Cisco Umbrella Rank: 17652	346 KB
10	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 664	69 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 744 c.clarity.ms — Cisco Umbrella Rank: 1368 h.clarity.ms — Cisco Umbrella Rank: 6004	28 KB
4	bing.net bat.bing.net — Cisco Umbrella Rank: 19554
3	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 234	3 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1120 bcp.crwdcntrl.net — Cisco Umbrella Rank: 957	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 985 id5-sync.com — Cisco Umbrella Rank: 501	27 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	1 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212	167 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	67 B
1	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 608
1	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 6185	9 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3290	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2704	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 332	896 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 702	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2295	8 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	48 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4588	42 KB
51	20

	Domain	Requested by
11	insurads.com	insurads.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	bat.bing.net	adsdk.microsoft.com
2	h.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	bat.bing.com	insurads.com bat.bing.com
2	fonts.googleapis.com	insurads.com
2	securepubads.g.doubleclick.net	insurads.com securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com
1	c.bing.com	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	acdn.adnxs.com	bat.bing.com
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	insurads.com
1	adsdk.microsoft.com	insurads.com
51	25

This site contains links to these domains. Also see Links.

Domain
iabeurope.eu

Subject Issuer	Validity	Valid
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2023-05-01` - `2024-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
bat.bing.net Microsoft Azure TLS Issuing CA 05	`2024-04-04` - `2024-06-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-04` - `2024-06-27`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2024-02-20` - `2024-05-20`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://insurads.com/
Frame ID: 69362E32B2A5493A8D228BA0ACD971C4
Requests: 48 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF6E7D6DB01472B51BFC07FF68917BB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

InsurAds

Page URL History Show full URLs

http://insurads.com/ HTTP 307
https://insurads.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

51
Requests

98 %
HTTPS

0 %
IPv6

20
Domains

25
Subdomains

23
IPs

3
Countries

798 kB
Transfer

1594 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://iabeurope.eu/vendor-list/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://insurads.com/ HTTP 307
https://insurads.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9738E838703D4024B70777BAFF114F5A&RedC=c.clarity.ms&MXFR=3315F225BA97650B3D66E67DBE976B14 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9738E838703D4024B70777BAFF114F5A&MUID=1E96ADA8BE5C6E371564B9F0BFF66FEA

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
insurads.com/
Redirect Chain

http://insurads.com/
https://insurads.com/

7 KB
8 KB

227ms
136ms

Document
text/html

18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d5aa0e9bce4053120e7bd86cc024eb00c45b15f2b5de139cd9dcd36be433e17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 7670
content-type: text/html
date: Fri, 05 Apr 2024 18:22:06 GMT
etag: "977ed0758fd05caa386a1f7c94438a95"
last-modified: Thu, 04 Jan 2024 10:39:25 GMT
server: AmazonS3
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
x-amz-cf-id: vtsP5kYR6G8AGels2YeiU7CrI0pM0Kxr_71zkHcKaFLxEyP7sHZ8EA==
x-amz-cf-pop: JFK50-P6
x-amz-meta-s3b-last-modified: 20180626T113423Z
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

Redirect headers

Location: https://insurads.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
29 KB 169ms
100ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: insurads.com
URL: https://insurads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

bcae6821ce0513770436fde143b0787a84e901481daa34d59ce983e011222e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29655
x-xss-protection: 0
server: cafe
etag: 917 / 19818 / m202404020101 / config-hash: 7795631271343578687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 18:22:05 GMT

GET
H2 200 bootstrap.min.css
insurads.com/css/ 120 KB
120 KB 164ms
162ms Stylesheet
text/css 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/css/bootstrap.min.css
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:18:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "5d5357cb3704e1f43a1f5bfed2aebf42"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 122540
x-amz-cf-id: VgY7FwE7WTtA_A17Xb_SWqyViWdXr8XTufeCNjysQSjVa9U-dLXhcg==
x-amz-meta-s3b-last-modified: 20170921T093019Z

GET
H2 200 style.css
insurads.com/css/ 13 KB
13 KB 196ms
195ms Stylesheet
text/css 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/css/style.css
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78b26cb9cb38a8c402d705da9e17e947665518842f132d647ddcca85f27db7e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:18:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "48f930c1d6a53bc1cfe950c3c229f082"
x-cache: RefreshHit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 13307
x-amz-cf-id: V9tIE1ixx-WiTPvt7cIiyBDPhOZHWVh3W3Vwj0IMmiQ0FxS8JCbHNA==
x-amz-meta-s3b-last-modified: 20170921T112148Z

GET
H2 200 css
fonts.googleapis.com/ 2 KB
891 B 108ms
46ms Stylesheet
text/css 142.251.40.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro:300italic,700italic,400,300,700&subset=latin,latin-ext

Requested by

Host: insurads.com
URL: https://insurads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f10.1e100.net

Software

ESF /

Resource Hash

7c90855f1f821b24d01c04a15ce6ef84b638d7c96df538bd87c12a00166602c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 18:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 18:22:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
551 B 109ms
48ms Stylesheet
text/css 142.251.40.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maven+Pro:400,300,700,900

Requested by

Host: insurads.com
URL: https://insurads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f10.1e100.net

Software

ESF /

Resource Hash

f8e822033baed6be1018ba6edb3a251211a886ef7eddc0a9246442d3a64ba028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 18:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 18:22:05 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/pubcenter/ 103 KB
42 KB 191ms
43ms Script
application/javascript 13.107.213.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/pubcenter/sdk.js?siteId=10321967&publisherId=253247115
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 964420505247d44a94a06ee7b5f7c6e3fa6575e6853431401d4935ff68c60e94

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
Origin: https://insurads.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: br
last-modified: Tue, 26 Mar 2024 20:53:43 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T182205Z-15cd8b5947dtpnvtw8xxrebyrc00000000kg000000008gf6
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7b4eee60-401e-0063-7f28-87559a000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 67727752

GET
H2 200 logo_blue.png
insurads.com/images/ 28 KB
28 KB 206ms
205ms Image
image/png 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurads.com/images/logo_blue.png
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b769708bf91ed743142ad33a4e8332f8b17e6c587ad56be1edb67bc57e1fffb9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 11:08:46 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "b538f4f3f75574aa46b2d48219017fc2"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 28307
x-amz-cf-id: lvC6bmZ42ZAnOiGEwoVu8TmpY0Q8MfzYQ2cIEoPK3rWeoAt0-JN77g==
x-amz-meta-s3b-last-modified: 20180626T140344Z

GET
H2 200 iab.png
insurads.com/images/ 16 KB
17 KB 183ms
182ms Image
image/png 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurads.com/images/iab.png
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10493cd7d3eb405272bc85f6eb9eae011338017f1ca6d2cf27111b5f0d4ea05c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 09:46:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "b370ed1225859a0c097fcc5ae9bd5b75"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 16861
x-amz-cf-id: AlsB8J07Agvh0837IMOUVvEnzWT_4-Ph7fbpHTW_oeKJZN_j0hNEZA==

GET
H2 200 jquery-1.11.3.min.js Show response
insurads.com/js/ 94 KB
94 KB 91ms
90ms Script
application/javascript 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/js/jquery-1.11.3.min.js
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:18:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "13c0a5055cca7b2463b2f73701960b9e"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 95962
x-amz-cf-id: FFlsOcKwKCTuU7vVQ1DGaaa8FBmkLbs77xdgTIwMdNG8ljsrjZninw==
x-amz-meta-s3b-last-modified: 20170921T163428Z

GET
H2 200 jquery.backstretch.min.js Show response
insurads.com/js/ 4 KB
4 KB 86ms
82ms Script
application/javascript 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/js/jquery.backstretch.min.js
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:18:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "058088f9778f0aa6b82296223f32c609"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4236
x-amz-cf-id: hgzGFhpU560Ip8cVBf65AnNK9u9l68u5rdtDldNjLBd7UulTKZCIzg==
x-amz-meta-s3b-last-modified: 20170921T163428Z

GET
H2 200 bootstrap.min.js Show response
insurads.com/js/ 36 KB
36 KB 106ms
102ms Script
application/javascript 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/js/bootstrap.min.js
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:18:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "e7d9a06cf9053c51cd4ad3386da0659a"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 36822
x-amz-cf-id: FOV8vS7HgH7gqEswvETduDlFcpdf7XfL2jd747o74ruB5j1zf9ElLw==
x-amz-meta-s3b-last-modified: 20170921T163428Z

GET
H2 200 bootstrap.validator.min.js Show response
insurads.com/js/ 8 KB
8 KB 87ms
84ms Script
application/javascript 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/js/bootstrap.validator.min.js
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be70f0575919067143757f3be91733ea5a198a9bbc730e7941ee9849f136315c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:18:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "d040e61049975db2a91438fd973567d6"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 7737
x-amz-cf-id: Yr_eWUmZ1ra3OkXRVgrOTOqA-fnWUPb4cEDe80vP838WN2HPUDXvDA==
x-amz-meta-s3b-last-modified: 20170921T163428Z

GET
H2 200 main.js Show response
insurads.com/js/ 1000 B
1 KB 86ms
83ms Script
application/javascript 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/js/main.js
Requested by: Host: insurads.com
URL: https://insurads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9711c217fd1db566e7b200bcb0d796937f658a1a6dd3aef6dd102f5d257366e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 11:04:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "86c137bfdc832de50d0c913bcef2f3e9"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1000
x-amz-cf-id: _4M4dtl0wXGbX3iYSnzstevbnRIe8htJG81KaAPOTlqyXVXhi7jYWQ==
x-amz-meta-s3b-last-modified: 20170921T200717Z

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
48 KB 129ms
60ms Script
application/javascript 142.251.35.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXLZSSFW

Requested by

Host: insurads.com
URL: https://insurads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

85d71957f828cc61f37730a532267d6faf874491117987af190841c83c5a6313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48303
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Apr 2024 18:22:05 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/ 440 KB
138 KB 27ms
26ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 11:17:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25477
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141128
x-xss-protection: 0
server: cafe
etag: 1320909909656752868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Apr 2025 11:17:28 GMT

GET
H2 200 7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v33/ 19 KB
20 KB 91ms
26ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v33/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:300italic,700italic,400,300,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

03df3810057024145917e96fda09bb9e193050a8cf5913962448acfab588e384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://insurads.com
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:01:29 GMT
x-content-type-options: nosniff
age: 210036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19676
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:01:29 GMT

GET
H2 200 22954957514 Show response
fundingchoicesmessages.google.com/i/ 179 KB
60 KB 135ms
69ms Script
application/javascript 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22954957514?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

e12d170299b5ef405cfc62ee91edbf3b0323608302985702ac73ab62e56432dc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Fza2ik1nQF9J5brB5sBQqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Fza2ik1nQF9J5brB5sBQqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcJxtOriBTeDBvtNzmACUljXo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 logs
bat.bing.net/adsdk/ Frame 0
0 130ms
53ms Preflight 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/adsdk/logs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://insurads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Apr 2024 18:22:05 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6E6370E41E2F403CBFECF36B13E720B4 Ref B: YTO01EDGE0511 Ref C: 2024-04-05T18:22:05Z

OPTIONS
H2 200 logs
bat.bing.net/adsdk/ Frame 0
0 130ms
53ms Preflight 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/adsdk/logs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://insurads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Apr 2024 18:22:05 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DF478159EDB2449F934D66F2FA15F292 Ref B: YTO01EDGE0511 Ref C: 2024-04-05T18:22:05Z

POST
H2 204 logs
bat.bing.net/adsdk/ 0
0 102ms
101ms Fetch 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/adsdk/logs
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/pubcenter/sdk.js?siteId=10321967&publisherId=253247115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 18:22:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE6A984C561C423CAB68311447669981 Ref B: YTO01EDGE0511 Ref C: 2024-04-05T18:22:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 logs
bat.bing.net/adsdk/ 0
0 43ms
43ms Fetch 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/adsdk/logs
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/pubcenter/sdk.js?siteId=10321967&publisherId=253247115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 18:22:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B582635B0224613B2611D05B492FBE8 Ref B: YTO01EDGE0511 Ref C: 2024-04-05T18:22:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub.js Show response
bat.bing.com/ 3 KB
2 KB 109ms
44ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/pub.js?ti=10321967

Requested by

Host: insurads.com
URL: https://insurads.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c09f0376aa426e7bda16a65f973ae3b79f97c3002fa1669a7d44216f94cebd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 05 Apr 2024 18:22:05 GMT
last-modified: Tue, 07 Mar 2023 21:59:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 609BA390EF424E38BAE547DB8CBA62A5 Ref B: YTO01EDGE0718 Ref C: 2024-04-05T18:22:05Z
etag: "0cf87234051d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 1378

GET
H2 200 AGSKWxX48JREZT2Iqbo74pHPzdIpqF0oCvFWI61pfFllgnAae8dP5IGBO4hHy9nC_a2JSpGTLySTtI660Nc5mpKFNqLlYumCAwvSt1tfM8ZcBLc3jAZbJwLkUksHyat08EfsJAbTnipMzA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
65ms Script
application/javascript 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX48JREZT2Iqbo74pHPzdIpqF0oCvFWI61pfFllgnAae8dP5IGBO4hHy9nC_a2JSpGTLySTtI660Nc5mpKFNqLlYumCAwvSt1tfM8ZcBLc3jAZbJwLkUksHyat08EfsJAbTnipMzA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzQxMzI1LDY4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9pbnN1cmFkcy5jb20vIixudWxsLFtbOCwiNUQwRWlxSXBlcHciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.5D0EiqIpepw.es5.O/am=wA/d=1/rs=AJlcJMzDBNPp3NARTnIWOu_ovBo_PWQFhg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

78de09bff1958a1703f0439d1fcb06d996c07246a1a4adb98a293d4df1f05b05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tmZ9tJkzLpYBDAhaqW4xTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-tmZ9tJkzLpYBDAhaqW4xTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw1pBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQJz07zxrERAL8XCcbTq4gU1gweU5t5gABXI6zA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 48ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 04:40:37 GMT
content-encoding: gzip
age: 913288
x-guploader-uploadid: ABPtcPrLI1BNKHYlydEJBk6luxSskemuBmDjoAqMSsZBpTjl6bI6XnxtKyNHUFsR-sJH8g3KMUw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 26 Mar 2025 04:40:37 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 99ms
40ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

2ac6aef1d4396fbf199ae8dc0a823013452ca6573bd210a77bbab1ac10f93fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 19 Mar 2024 00:48:43 GMT
server: nginx
etag: W/"65f8e0eb-a5db"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 18:22:05 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 48ms
13ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Apr 2024 18:22:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6698
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4577-YYZ
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 65ms
31ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 11:38:58 GMT
server: cloudflare
x-amz-request-id: NCAV88Z24XA4T0DF
age: 3446
etag: W/"7ceb45871763bd74cf4140e0b5fe846a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 86fb8fc5cf6ca1f9-YYZ
x-amz-id-2: asn02XEMHoZtR0Ent/9RuyCdCObYaxnEXvV2Ka2kmIZHrRZAIVbvfIhxYImakRsYLMMAxP48A9Bvk3d6U0GHUw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 150ms
118ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 7a08894b5db3172a3bd6762dffe84665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 83ms
26ms Script
text/javascript 18.164.110.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.110.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-110-14.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 05 Apr 2024 08:27:56 GMT
Via: 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 35650
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: lZEkFnZYykmm1NEoFZFSUSxLK0rPB0kWAfmDv32wqEWWa3Mxa46iHg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 96ms
29ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 15:30:07 GMT
content-encoding: gzip
via: 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 10319
x-amz-server-side-encryption: AES256
etag: W/"21f8671135afbd2e874c42d3dc478afa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: jOHiyW1J6oIfxc9GzYL22UohzgDRfoTcYu4N0Z7E0S7C8Q8rO5UI4g==

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 103ms
27ms Script
application/javascript 13.225.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-25.ewr50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:16:34 GMT
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: EWR50-C1
age: 332
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 45A7j3YXnZKXj5n90VyxIhboNda4EAIEJk2XDRT26H8tjDKcLi2NZQ==

GET
H2 200 10321967.js Show response
bat.bing.com/p/pub/ 631 B
594 B 45ms
45ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/pub/10321967.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/pub.js?ti=10321967

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

597922f5398029aba729cf57754adb094d0090479ccbb816b5d193dcd2273d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 05 Apr 2024 18:22:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C791ED3803A4D81AA085FAB97A3119C Ref B: YTO01EDGE0718 Ref C: 2024-04-05T18:22:05Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800
content-length: 429

GET
H3 200 AGSKWxWwdruK7HFM50Xv7ekg1SYb90kLTORzMXhAAUypf7V2CZxHhEofx5oDlqNgEGuOM8CrBWAGp9iALisaGeIG1oNUOdGB8MQZ8kV9K5vNwC0Op0w07crmUR48FxTdUPnXvVOWzbD-sg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 68ms
67ms Script
application/javascript 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWwdruK7HFM50Xv7ekg1SYb90kLTORzMXhAAUypf7V2CZxHhEofx5oDlqNgEGuOM8CrBWAGp9iALisaGeIG1oNUOdGB8MQZ8kV9K5vNwC0Op0w07crmUR48FxTdUPnXvVOWzbD-sg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzQxMzI1LDc1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaW5zdXJhZHMuY29tLyIsbnVsbCxbWzgsIjVEMEVpcUlwZXB3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

1f29b3d9c4fdefaf9612917b3bb7ace429c5878374b2d69467d1392a11397bc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r_mGv2FwXXIWkJOBJDqggg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-r_mGv2FwXXIWkJOBJDqggg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcJxtOriBTeDHxHu_mQCU1zZE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 kg59dykwhz Show response
www.clarity.ms/tag/ 650 B
1012 B 151ms
50ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kg59dykwhz
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/pub/10321967.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ae732d1137771ededead2311336ba074944465be65a7907a65eea97a808c2baa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 05 Apr 2024 18:22:05 GMT
x-azure-ref: 20240405T182205Z-15cd8b5947df9df53k0st2tad000000000t0000000006pb9
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame CF6E 0
0 47ms
13ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/pub/10321967.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://insurads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-CA,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 63522
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 05 Apr 2024 18:22:05 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 21 Mar 2024 00:42:53 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1393, 111179
X-Served-By: cache-lga13626-LGA, cache-yyz4545-YYZ
X-Timer: S1712341326.799898,VS0,VE0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 362ms
113ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://insurads.com
date: Fri, 05 Apr 2024 18:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
611 B 127ms
56ms XHR
application/json 3.219.94.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.94.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-94-105.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7ab5de32ec45aec510ac5ecf37356b96bd180a8c2174fe664c0e3215b81789b6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 18:22:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://insurads.com
cache-control: no-cache
x-server: 10.40.48.235
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.26/ 60 KB
25 KB 44ms
44ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.26/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kg59dykwhz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:05 GMT
content-encoding: br
last-modified: Mon, 01 Apr 2024 13:40:06 GMT
etag: W/"0x8DC52513DD96806"
vary: Accept-Encoding
x-azure-ref: 20240405T182205Z-15cd8b5947df9df53k0st2tad000000000t0000000006pbb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d283f71b-101e-0028-6afc-864f73000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9738E838703D4024B70777BAFF114F5A&RedC=c.clarity.ms&MXFR=3315F225BA97650B3D66E67DBE976B14
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9738E838703D4024B70777BAFF114F5A&MUID=1E96ADA8BE5C6E371564B9F0BFF66FEA

42 B
443 B

32ms
32ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9738E838703D4024B70777BAFF114F5A&MUID=1E96ADA8BE5C6E371564B9F0BFF66FEA
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://insurads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 18:22:05 GMT
last-modified: Fri, 01 Mar 2024 22:53:54 GMT
server: Microsoft-IIS/10.0
etag: "32434d562b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 05 Apr 2024 18:22:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B75DBD176D5422D885BB678A8775ABC Ref B: YTO01EDGE0718 Ref C: 2024-04-05T18:22:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9738E838703D4024B70777BAFF114F5A&MUID=1E96ADA8BE5C6E371564B9F0BFF66FEA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 favicon.ico
insurads.com/ 15 KB
15 KB 59ms
59ms Other
image/x-icon 18.164.116.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insurads.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-9.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7409aec501b1b58012838e4f6bdccfa5d3ba9bb5cfde3645da2ccde6c6041a6a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 11:38:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "fd95fc48fb458e2f36b65db3902ee96a"
x-cache: RefreshHit from cloudfront
content-type: image/x-icon
accept-ranges: bytes
content-length: 15086
x-amz-cf-id: qRi5ApqVuzEqn6Gex8WjJoyNaK7TiVJWAEcoZtQq8e6toI3mygB-qA==
x-amz-meta-s3b-last-modified: 20180626T113208Z

POST
H/1.1 204
No Content collect Show response
h.clarity.ms/ 0
292 B 145ms
78ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.26/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://insurads.com
Date: Fri, 05 Apr 2024 18:22:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxVgmfiTuqtkRsxDkX8JZqy8OVx1iFDRaCDbNe3wzYzVMmhv6UZlQW1wh6iQj5wG2qHi4EjZrlDAYRLpZbIEmXi9YZ_lcvzZsNv1U0RTJQAZY1j5gBPG-QATSDTEgOI7_ZJcmR1MYzlbMPVyCnTFqlE4KPXLe... 54 B
110 B 52ms
51ms Script
application/javascript 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVgmfiTuqtkRsxDkX8JZqy8OVx1iFDRaCDbNe3wzYzVMmhv6UZlQW1wh6iQj5wG2qHi4EjZrlDAYRLpZbIEmXi9YZ_lcvzZsNv1U0RTJQAZY1j5gBPG-QATSDTEgOI7_ZJcmR1MYzlbMPVyCnTFqlE4KPXLedA1HjokYcDMJPIafEEsTdzphmdH0KTN/_/adzintext-/banner_468./ad_label728./ads/?QAPS_/adv_manager_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.5D0EiqIpepw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzNV19UyHcrf77ePvIhQaf-36RBwg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

c6f159337eb523329ea3c875e91cbe9e8803e1e236690cb32b81b8c0eb6cc675

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_eXWa7NSbzBDpbZAxyjmag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_eXWa7NSbzBDpbZAxyjmag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcJxrOriBTaBhzoabjACMLzV7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 89ms
27ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:17:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Apr 2024 22:17:50 GMT

POST
H3 204 AGSKWxWBPAkzN1Iy7pEKRq36sRW62xyp5gR8biwRaaF2U-M3yq7gz7O0XSyft1ELj0D1N7FJglJWj-NhKeOHYiq6c2xJ8esBLHf8VoH5bVoPEgXQLqr8Gx054pfIo1aTzxO2WTFad4BJjQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 107ms
50ms XHR
text/html 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPAkzN1Iy7pEKRq36sRW62xyp5gR8biwRaaF2U-M3yq7gz7O0XSyft1ELj0D1N7FJglJWj-NhKeOHYiq6c2xJ8esBLHf8VoH5bVoPEgXQLqr8Gx054pfIo1aTzxO2WTFad4BJjQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gG_8_li8JkJa9dk9EHp8og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-gG_8_li8JkJa9dk9EHp8og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1iDgFiIh-Nc08ENbAIXVjz4zAgAxqYMsg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://insurads.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPAkzN1Iy7pEKRq36sRW62xyp5gR8biwRaaF2U-M3yq7gz7O0XSyft1ELj0D1N7FJglJWj-NhKeOHYiq6c2xJ8esBLHf8VoH5bVoPEgXQLqr8Gx054pfIo1aTzxO2WTFad4BJjQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DJB-rrQf7k93k_yz1oid5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-DJB-rrQf7k93k_yz1oid5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1iDgFiIh-Nc08ENbAIbVl36wggAxtQMjg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://insurads.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPAkzN1Iy7pEKRq36sRW62xyp5gR8biwRaaF2U-M3yq7gz7O0XSyft1ELj0D1N7FJglJWj-NhKeOHYiq6c2xJ8esBLHf8VoH5bVoPEgXQLqr8Gx054pfIo1aTzxO2WTFad4BJjQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DSaQPxXqn-_zoZbegAnosg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DSaQPxXqn-_zoZbegAnosg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1iDgFiIh-Nc08ENbAI3mhY0MwEAxacL7Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://insurads.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPAkzN1Iy7pEKRq36sRW62xyp5gR8biwRaaF2U-M3yq7gz7O0XSyft1ELj0D1N7FJglJWj-NhKeOHYiq6c2xJ8esBLHf8VoH5bVoPEgXQLqr8Gx054pfIo1aTzxO2WTFad4BJjQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-znrTuHx1PP412tcus_bZoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-znrTuHx1PP412tcus_bZoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIh-Nc08ENbAI__l9sYQIAxrAMrA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://insurads.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVq4qm2HsUFQqOHTrXA9r_mVzCcPSVKIODXE1EENVoOIqoIeft97zf8A9cRMUmHNmjVTzP1Dz9Xg_cSCPqQ5VmqTNMc0K2aW36rb65sqiJMjYV3JBm_BCcOoVFjq3R2dvcV4Ecmgg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
61ms Script
application/javascript 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVq4qm2HsUFQqOHTrXA9r_mVzCcPSVKIODXE1EENVoOIqoIeft97zf8A9cRMUmHNmjVTzP1Dz9Xg_cSCPqQ5VmqTNMc0K2aW36rb65sqiJMjYV3JBm_BCcOoVFjq3R2dvcV4Ecmgg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzQxMzI2LDUxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pbnN1cmFkcy5jb20vIixudWxsLFtbOCwiNUQwRWlxSXBlcHciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

be12c645a6c9a61bc5156f16563cfeeb8a6f0a5e25349c682fbd88c3560f7c9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aSmHOGaF_mjkBEqlHeKm3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-aSmHOGaF_mjkBEqlHeKm3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otAnPTvPGsREAvxcJxrOriBTeBD-60uJgCQTjW3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX2O5KLUxUhizy-kQiUvRdnhgJDq5nSITOSB9Se_R1Mo_bwvvP0uExjXYC3VImnKDtcghVNOQouXmwruCPyEdUcSoWeoSKqrYeIN2ZxG0K0nSvnMhaerAuHINldVzKPSYFp1CkaUg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
51ms XHR
text/html 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2O5KLUxUhizy-kQiUvRdnhgJDq5nSITOSB9Se_R1Mo_bwvvP0uExjXYC3VImnKDtcghVNOQouXmwruCPyEdUcSoWeoSKqrYeIN2ZxG0K0nSvnMhaerAuHINldVzKPSYFp1CkaUg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sTYKMd9ytsVnzdU6FCJ7mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 18:22:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sTYKMd9ytsVnzdU6FCJ7mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1iDgFiIh-Nc08ENbAI3Vt9czAQAxxQMbg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://insurads.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
h.clarity.ms/ 0
292 B 29ms
29ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.26/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://insurads.com/
accept-language: en-CA,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://insurads.com
Date: Fri, 05 Apr 2024 18:22:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 04:24:37	Name: CLID Value: 7c74984a36a34138b4245a68ff23aca6.20240405.20250405
.crwdcntrl.net/	1970-01-21 02:07:48	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 02:07:48	Name: _cc_id Value: 527a6fde581b1bcd6f12c2b40209479f
.insurads.com/	1970-01-21 02:07:49	Name: _cc_id Value: 527a6fde581b1bcd6f12c2b40209479f
.insurads.com/	1970-01-20 19:40:27	Name: panoramaId_expiry Value: 1712427725881
.adnxs.com/	1970-01-21 05:15:01	Name: receive-cookie-deprecation Value: 1
.insurads.com/	1970-01-21 04:24:37	Name: _clck Value: 1xzvlrc%7C2%7Cfko%7C0%7C1556
.bing.com/	1970-01-21 05:00:37	Name: MUID Value: 1E96ADA8BE5C6E371564B9F0BFF66FEA
.c.bing.com/	1970-01-20 19:49:06	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:00:37	Name: SRM_B Value: 1E96ADA8BE5C6E371564B9F0BFF66FEA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:00:37	Name: MUID Value: 1E96ADA8BE5C6E371564B9F0BFF66FEA
.c.clarity.ms/	1970-01-20 19:49:06	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:39:01	Name: ANONCHK Value: 0
.insurads.com/	1970-01-20 19:40:27	Name: _clsk Value: 1w0xelh%7C1712341326211%7C1%7C1%7Ch.clarity.ms%2Fcollect
.insurads.com/	1970-01-21 04:24:37	Name: FCNEC Value: %5B%5B%22AKsRol9y_rjFxEo89PfKzWTw78Oi5M1vdZIH78g2952_BSiJf4l9_uqoBjAu5lLy2D_XkGz8_DO5GOVcLmMK_R2CYR6i8AF8zbIxvtNb9QEfNr-VsSrR3lMVKA9XmGRFj7LKXPeBk1ozjsv67Dx8fAUI_nfJAgmq-A%3D%3D%22%5D%5D

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://insurads.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adsdk.microsoft.com
bat.bing.com
bat.bing.net
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
connectid.analytics.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
h.clarity.ms
id5-sync.com
insurads.com
invstatic101.creativecdn.com
oa.openxcdn.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
www.clarity.ms
www.googletagmanager.com
104.22.52.86
108.138.128.46
13.107.21.237
13.107.213.40
13.107.246.40
13.225.214.25
141.95.98.65
142.250.176.206
142.250.64.66
142.251.35.168
142.251.40.130
142.251.40.170
142.251.40.195
151.101.65.108
151.101.65.229
18.164.110.14
18.164.116.9
20.110.205.119
3.219.94.105
34.102.146.192
34.96.70.87
52.224.31.34
74.119.119.131
03df3810057024145917e96fda09bb9e193050a8cf5913962448acfab588e384
10493cd7d3eb405272bc85f6eb9eae011338017f1ca6d2cf27111b5f0d4ea05c
1f29b3d9c4fdefaf9612917b3bb7ace429c5878374b2d69467d1392a11397bc9
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
2ac6aef1d4396fbf199ae8dc0a823013452ca6573bd210a77bbab1ac10f93fb5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3d5aa0e9bce4053120e7bd86cc024eb00c45b15f2b5de139cd9dcd36be433e17
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
597922f5398029aba729cf57754adb094d0090479ccbb816b5d193dcd2273d45
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d
62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7409aec501b1b58012838e4f6bdccfa5d3ba9bb5cfde3645da2ccde6c6041a6a
78b26cb9cb38a8c402d705da9e17e947665518842f132d647ddcca85f27db7e8
78de09bff1958a1703f0439d1fcb06d996c07246a1a4adb98a293d4df1f05b05
7ab5de32ec45aec510ac5ecf37356b96bd180a8c2174fe664c0e3215b81789b6
7c90855f1f821b24d01c04a15ce6ef84b638d7c96df538bd87c12a00166602c4
7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c
85d71957f828cc61f37730a532267d6faf874491117987af190841c83c5a6313
964420505247d44a94a06ee7b5f7c6e3fa6575e6853431401d4935ff68c60e94
9711c217fd1db566e7b200bcb0d796937f658a1a6dd3aef6dd102f5d257366e7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ae732d1137771ededead2311336ba074944465be65a7907a65eea97a808c2baa
b769708bf91ed743142ad33a4e8332f8b17e6c587ad56be1edb67bc57e1fffb9
bcae6821ce0513770436fde143b0787a84e901481daa34d59ce983e011222e45
be12c645a6c9a61bc5156f16563cfeeb8a6f0a5e25349c682fbd88c3560f7c9c
be70f0575919067143757f3be91733ea5a198a9bbc730e7941ee9849f136315c
c09f0376aa426e7bda16a65f973ae3b79f97c3002fa1669a7d44216f94cebd85
c6f159337eb523329ea3c875e91cbe9e8803e1e236690cb32b81b8c0eb6cc675
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e12d170299b5ef405cfc62ee91edbf3b0323608302985702ac73ab62e56432dc
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0
f8e822033baed6be1018ba6edb3a251211a886ef7eddc0a9246442d3a64ba028

insurads.com Open in urlscan Pro 18.164.116.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

0 %IPv6

20 Domains

25 Subdomains

23 IPs

3 Countries

798 kBTransfer

1594 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

insurads.com Open in urlscan Pro
18.164.116.9 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

0 %
IPv6

20
Domains

25
Subdomains

23
IPs

3
Countries

798 kB
Transfer

1594 kB
Size

16
Cookies

51 HTTP transactions
0 data transactions