www.geico.com Open in urlscan Pro
104.111.245.152 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.geico.com/
Submission: On October 05 via manual (October 5th 2021, 6:17:29 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 22 domains to perform 108 HTTP transactions. The main IP is 104.111.245.152, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.geico.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on August 10th 2021. Valid for: a year.

This is the only time www.geico.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	104.111.245.152 104.111.245.152	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.85.0.236 104.85.0.236	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.110.56.188 13.110.56.188	14340 (SALESFORCE) (SALESFORCE)
2	104.111.214.229 104.111.214.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	54.171.219.200 54.171.219.200	16509 (AMAZON-02) (AMAZON-02)
1	104.22.53.252 104.22.53.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.21.141.59 2.21.141.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.154.124.189 54.154.124.189	16509 (AMAZON-02) (AMAZON-02)
3	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	54.75.68.230 54.75.68.230	16509 (AMAZON-02) (AMAZON-02)
1	34.252.166.160 34.252.166.160	16509 (AMAZON-02) (AMAZON-02)
12	13.110.56.187 13.110.56.187	14340 (SALESFORCE) (SALESFORCE)
3	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
4	35.188.210.33 35.188.210.33	15169 (GOOGLE) (GOOGLE)
1	35.223.68.91 35.223.68.91	15169 (GOOGLE) (GOOGLE)
7	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 3	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
9	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.44 13.224.193.44	16509 (AMAZON-02) (AMAZON-02)
2	13.225.87.109 13.225.87.109	16509 (AMAZON-02) (AMAZON-02)
2	13.110.57.222 13.110.57.222	14340 (SALESFORCE) (SALESFORCE)
108	30

31 104.111.245.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-152.deploy.static.akamaitechnologies.com

www.geico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.85.0.236 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-236.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.56.188 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg1-c5-iad4.na162-ia4.force.com

geico-crm.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.214.229 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-229.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6852bd0b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.219.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.252 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-59.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.124.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-124-189.eu-west-1.compute.amazonaws.com

geico.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

sadobeanalytics.geico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.68.230 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.166.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com

geico.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.110.56.187 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

geicoinsurance.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.188.210.33 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 33.210.188.35.bc.googleusercontent.com

geico-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.68.91 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 91.68.223.35.bc.googleusercontent.com

geico-sync.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

2992003.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0thecsujsizknzd-geico.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-44.fra2.r.cloudfront.net

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-109.fra2.r.cloudfront.net

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.57.222 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com

d.la4-c1-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	geico.com www.geico.com sadobeanalytics.geico.com	421 KB
12	salesforce.com geicoinsurance.my.salesforce.com	42 KB
9	qualtrics.com zn0thecsujsizknzd-geico.siteintercept.qualtrics.com	7 KB
8	adobedtm.com assets.adobedtm.com	119 KB
7	bing.com bat.bing.com	21 KB
6	quantummetric.com cdn.quantummetric.com geico-app.quantummetric.com geico-sync.quantummetric.com	89 KB
5	doubleclick.net 1 redirects 2992003.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	demdex.net 1 redirects dpm.demdex.net geico.demdex.net	6 KB
3	branch.io cdn.branch.io api2.branch.io	25 KB
3	googletagmanager.com www.googletagmanager.com	114 KB
2	salesforceliveagent.com d.la4-c1-ia4.salesforceliveagent.com	5 KB
2	facebook.com www.facebook.com	414 B
2	facebook.net connect.facebook.net	93 KB
2	google.com www.google.com adservice.google.com	1 KB
2	googleadservices.com www.googleadservices.com	32 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
2	force.com geico-crm.secure.force.com	3 KB
1	akstat.io 6852bd0b.akstat.io	201 B
1	app.link app.link	567 B
1	omtrdc.net geico.tt.omtrdc.net	503 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
108	22

	Domain	Requested by
31	www.geico.com	www.geico.com cdn.quantummetric.com
12	geicoinsurance.my.salesforce.com	www.geico.com geicoinsurance.my.salesforce.com
9	zn0thecsujsizknzd-geico.siteintercept.qualtrics.com	cdn.quantummetric.com
8	assets.adobedtm.com	assets.adobedtm.com
7	bat.bing.com	www.geico.com bat.bing.com 2992003.fls.doubleclick.net
4	geico-app.quantummetric.com	cdn.quantummetric.com
3	2992003.fls.doubleclick.net	1 redirects www.googletagmanager.com www.geico.com
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	sadobeanalytics.geico.com	cdn.quantummetric.com www.geico.com
3	dpm.demdex.net	1 redirects www.geico.com
2	d.la4-c1-ia4.salesforceliveagent.com	geicoinsurance.my.salesforce.com
2	api2.branch.io	cdn.quantummetric.com
2	www.facebook.com	2992003.fls.doubleclick.net
2	connect.facebook.net	2992003.fls.doubleclick.net connect.facebook.net
2	www.googleadservices.com	www.googletagmanager.com 2992003.fls.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com cdn.quantummetric.com
2	geico-crm.secure.force.com	www.geico.com
1	6852bd0b.akstat.io	s.go-mpulse.net
1	app.link	cdn.branch.io
1	cdn.branch.io	www.geico.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	adservice.google.com	2992003.fls.doubleclick.net
1	www.google.com	www.geico.com
1	stats.g.doubleclick.net	cdn.quantummetric.com
1	geico-sync.quantummetric.com	cdn.quantummetric.com
1	geico.tt.omtrdc.net	cdn.quantummetric.com
1	cm.everesttech.net	1 redirects
1	geico.demdex.net	assets.adobedtm.com
1	c.go-mpulse.net	s.go-mpulse.net
1	cdn.quantummetric.com	assets.adobedtm.com
1	s.go-mpulse.net	www.geico.com
108	31

This site contains links to these domains. Also see Links.

Domain
ecams.geico.com
geico.app.link
commercial.geico.com
careers.geico.com
media.geico.com
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.geico.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-08-10` - `2022-08-10`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.na162.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-01-11`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
sadobeanalytics.geico.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-16` - `2022-07-17`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-13`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
la4-c1-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-22` - `2022-01-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.geico.com/
Frame ID: 53F4A6ED2EAA8C0570D009D328580036
Requests: 84 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Frame ID: E257B49156E6CDEDF5A1E7B364BFE4F2
Requests: 2 HTTP requests in this frame

Frame: https://geico.demdex.net/dest5.html?d_nsid=0
Frame ID: A79D79CF0ACE74AF2215D13FC861DA7C
Requests: 1 HTTP requests in this frame

Frame: https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1633457845091&v=1633457845203&z=1&S=0&N=0&P=0
Frame ID: A8F3751302309AC58E01D613A568C114
Requests: 5 HTTP requests in this frame

Frame: https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F
Frame ID: 1CD2FB1572768E27414823961D795AD9
Requests: 11 HTTP requests in this frame

Frame: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/
Frame ID: 0FCCE010A442CDCB6090A117742119AD
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

An Insurance Company For Your Car And More | GEICO

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

31
Subdomains

30
IPs

6
Countries

1051 kB
Transfer

3634 kB
Size

35
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://ecams.geico.com/activation?traceback=static
Title: Activate account

Search URL Search Domain Scan URL

URL: https://geico.app.link/static/GEICOApp?~campaign=Campaign:Static:HomePage:Default
Title: GEICO Mobile App

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=PAY_AND_ENROLL&traceback=static_exp_pay
Title: Make a payment

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=ID_CARD&traceback=static_exp_id
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=VEHICLE&traceback=static_exp_veh
Title: Add a vehicle

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=PAPERLESS&traceback=static_exp_paperless
Title: Go Paperless

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/ecams/login
Title: login

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/ForgotUserId.aspx
Title: User ID

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/ForgotPassword.aspx
Title: password

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/Register.aspx
Title: Sign up for online access

Search URL Search Domain Scan URL

URL: https://geico.app.link/StaticLogInPanelReportIncident
Title: Report an incident

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticLogInPanelTrackClaim
Title: Track a claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticLogInReportGlass
Title: Report glass-only damage

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeRequestERS
Title: Request roadside assistance

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationPanelReportaClaim
Title: Report a Claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationPanelViewClaim
Title: View a Claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationClaimsGetERS
Title: Get Roadside Help

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInfoPanelReportGlassDamage
Title: Report Glass Damage

Search URL Search Domain Scan URL

URL: https://careers.geico.com/us/en/
Title: Careers

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeReportAnIncident
Title: Report an Incident

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeTrackClaim
Title: Track a claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeReportGlassDamage
Title: Report glass-only damage

Search URL Search Domain Scan URL

URL: https://media.geico.com/legal/cookie_policy.html
Title: cookie policy

Search URL Search Domain Scan URL

URL: https://media.geico.com/legal/privacy_policy.htm
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/id331763096

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.geico.mobile

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geico

Search URL Search Domain Scan URL

URL: https://twitter.com/geico

Search URL Search Domain Scan URL

URL: https://www.instagram.com/geico/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@geico?lang=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/geico/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GEICO

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1633457843802 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1633457843802

Request Chain 34

https://cm.everesttech.net/cm/dd?d_uuid=28445859360835675222593024071279280097 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVyWtAAAAKDiwAP7

Request Chain 52

https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F HTTP 302
https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.geico.com/ 116 KB
23 KB 861ms
797ms Document
text/html 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aee060c1ecbf5659dc910b28a1b5e1e350c81c5dcf326428d81d10b23ea5382d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.geico.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Apache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
link: <https://assets.adobedtm.com>; rel=preconnect <https://www.googletagmanager.com>; rel=preconnect <https://dpm.demdex.net>; rel=preconnect <https://vt.myvisualiq.net>; rel=preconnect <https://t.myvisualiq.net>; rel=preconnect <https://p.tvpixel.com>; rel=preconnect <https://d.turn.com>; rel=preconnect <https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js>; rel=preload; as=script <https://bat.bing.com>;rel="preconnect",<https://assets.adobedtm.com>;rel="preconnect",<https://www.googleadservices.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://geicoinsurance.my.salesforce.com>;rel="preconnect"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 13-256862326-257009822 NNNN CT(98 118 0) RT(1633457277507 564994) q(0 0 2 1) r(3 3) U5
x-akamai-transformed: 9 - 0 pmb=mRUM,2
expires: Tue, 05 Oct 2021 18:17:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 05 Oct 2021 18:17:23 GMT
content-length: 21767
set-cookie: experiment1=HomepageProductSelector_GroupA; expires=Fri, 15-Oct-2021 04:00:00 GMT; Max-Age=812557; path=/; domain=.geico.com; secure; HttpOnly; SameSite=Lax visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; expires=Tue, 04 Oct 2022 23:31:14 GMT; HttpOnly; path=/; Domain=.geico.com; Secure; SameSite=None incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; path=/; Domain=.geico.com; Secure; SameSite=None AKA_A2=A; expires=Tue, 05-Oct-2021 19:17:23 GMT; path=/; domain=geico.com; secure; HttpOnly
server-timing: edge; dur=441 origin; dur=346 cdn-cache; desc=MISS

GET
H2 200 launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js Show response
assets.adobedtm.com/ 381 KB
103 KB 84ms
16ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 20ffcf9060e62f5b99878519e86093ff52430ccd7d04f29344066b9cbe7ee745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:23 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:00 GMT
server: AkamaiNetStorage
etag: "2a17037a053401d7cb9b62a01a8024ae:1632859440.429434"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 104503
expires: Tue, 05 Oct 2021 19:17:23 GMT

GET
H2 200 cache-base-css.php
www.geico.com/public/css/design6/ 232 KB
32 KB 14ms
14ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/css/design6/cache-base-css.php

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d916ba6c2c7a2ef02da3b9ce161a3be774912417354fc7fe33af480a8fecbb8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/css/design6/cache-base-css.php
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css;charset=UTF-8
x-iinfo: 4-204015475-204015481 NNNN CT(103 105 0) RT(1633431187824 32) q(0 0 2 0) r(4 4) U5
x-xss-protection: 1; mode=block
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 32333
x-cdn: Imperva

GET
H2 200 geico.com.css
www.geico.com/public/css/design6/ 28 KB
5 KB 17ms
17ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/css/design6/geico.com.css

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c63d9709ed33ef26efdf0963fd0bed73318d9f8107a900ca1ce3698be8529e4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/css/design6/geico.com.css
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-968711-968712 NNNN CT(11 26 0) RT(1633431122544 4) q(0 0 0 4) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 4985
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:53:15 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 main.css
www.geico.com/public/experiments/homepage_product_selector/ 44 KB
7 KB 19ms
18ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/experiments/homepage_product_selector/main.css

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3e7788dc01d349de31ed9a5b0172a01777548cc1b105b3b759c2562b9c07f602

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/experiments/homepage_product_selector/main.css
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 12-15742965-15742966 SNNN RT(1633431122804 13839) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 7016
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:56:35 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 gecko-half-service.jpg
www.geico.com/public/layout_images/homepage/design6/ 4 KB
4 KB 26ms
22ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/layout_images/homepage/design6/gecko-half-service.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

bf222d391a3e48d83679ab92452773c1183d81dab59bb2a1e161259d0872c105

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/layout_images/homepage/design6/gecko-half-service.jpg
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1633431403
x-content-type-options: nosniff
x-im-result-width: 110
x-image-server-cpu-estimate: 30
x-image-server-response: request-3350321-09303216-294dba60
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 3711
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Akamai Image Server
x-image-server-cpu-real: 23
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 110
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 4772
x-akamai-im-skip-dlr: 1

GET
H2 200 gecko-waving.jpg
www.geico.com/public/experiments/homepage_product_selector/ 27 KB
27 KB 28ms
25ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/experiments/homepage_product_selector/gecko-waving.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

54449a28e1d14ca4108c105adc369ada0efc1682f76352712105b0eb768ac5f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/experiments/homepage_product_selector/gecko-waving.jpg
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1633431403
x-content-type-options: nosniff
x-im-result-width: 774
x-image-server-cpu-estimate: 12
x-image-server-response: request-7196044-78235538-99a08d9
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 27337
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Akamai Image Server
x-image-server-cpu-real: 32
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 774
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 27687
x-akamai-im-skip-dlr: 1

GET
H2 200 gecko-hands-up.jpg
www.geico.com/public/experiments/homepage_product_selector/ 5 KB
6 KB 31ms
27ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/experiments/homepage_product_selector/gecko-hands-up.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

c2ddcee8d4032bb1da14fecd1d3cffde5ca72afa2e72b8665ede52d7fd569954

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/experiments/homepage_product_selector/gecko-hands-up.jpg
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1633431403
x-content-type-options: nosniff
x-im-result-width: 258
x-akamai-im-skip-dlr: 1
x-image-server-response: request-3641964-20283288-2f5fd225
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 5616
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Akamai Image Server
x-image-server-cpu-real: 19
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 258
cache-control: no-transform, max-age=3600
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 5616

GET
H2 200 geicoApp-AppStoreDL.jpg
www.geico.com/public/images/aboutgeico/mobile/ 2 KB
2 KB 33ms
29ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/images/aboutgeico/mobile/geicoApp-AppStoreDL.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/images/aboutgeico/mobile/geicoApp-AppStoreDL.jpg
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1633431126
x-content-type-options: nosniff
x-im-result-width: 101
x-akamai-im-skip-dlr: 1
x-image-server-response: request-9103407-09871579-210e924d
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1986
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Tue, 05 Oct 2021 10:48:19 GMT
server: Akamai Image Server
x-image-server-cpu-real: 11
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 101
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 3100

GET
H2 200 geicoApp-GooglePlayDL.jpg
www.geico.com/public/images/aboutgeico/mobile/ 2 KB
2 KB 35ms
32ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/images/aboutgeico/mobile/geicoApp-GooglePlayDL.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/images/aboutgeico/mobile/geicoApp-GooglePlayDL.jpg
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1633431126
x-content-type-options: nosniff
x-im-result-width: 99
x-akamai-im-skip-dlr: 1
x-image-server-response: request-8396256-67120147-3416bb54
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 2018
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Tue, 05 Oct 2021 10:48:19 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 99
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 2878

GET
H2 200 cache-base-js.php Show response
www.geico.com/public/scripts/design6/ 451 KB
84 KB 10ms
10ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/design6/cache-base-js.php

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6d7b06dc53dd7862f4e6016ee7e13fd16bb571ebc0f0fe562654da7303c72b27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/scripts/design6/cache-base-js.php
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
x-iinfo: 7-230969546-230969551 NNNN CT(108 106 0) RT(1633431403380 31) q(0 0 2 1) r(3 3) U5
x-xss-protection: 1; mode=block
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 85725
x-cdn: Imperva

GET
H2 200 jquery.cookie.js Show response
www.geico.com/public/scripts/jquery/ 4 KB
2 KB 12ms
7ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/jquery/jquery.cookie.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/scripts/jquery/jquery.cookie.js
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 8-138455-138420 PNNN RT(1633431124433 35) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 1174
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:59:30 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 global.js Show response
www.geico.com/public/scripts/design6/ 55 KB
9 KB 16ms
11ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/design6/global.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2ba96557ce30b48442ebf51491e8631eb15978162501dd60bf5ec007dbb99da0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/scripts/design6/global.js
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-16200131-16210953 NNNN CT(29 64 0) RT(1633430981280 142145) q(0 0 1 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 9247
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:54:26 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 homepage.js Show response
www.geico.com/public/experiments/homepage_product_selector/ 54 KB
8 KB 23ms
18ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/experiments/homepage_product_selector/homepage.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

167db17ca4c286af830054d0dc8e2d987df599457969fad78451722d012546ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/experiments/homepage_product_selector/homepage.js
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 12-689047-694237 NNNN CT(20 26 0) RT(1633431095840 40860) q(0 1 1 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=2
vary: Accept-Encoding
content-length: 7655
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:56:35 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 geico-virtual-greeting.png
www.geico.com/includes/chatbot/images/ 3 KB
4 KB 36ms
33ms Image
image/png 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/includes/chatbot/images/geico-virtual-greeting.png

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b61423366f631dccc2155d387a06ff7c3894d235b3054659b41a095f093e8b55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /includes/chatbot/images/geico-virtual-greeting.png
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
content-type: image/png
x-iinfo: 11-279537842-279534427 PNNN RT(1633431403389 15) q(0 0 0 0) r(1 1) U5
x-xss-protection: 1; mode=block
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 3268
x-cdn: Imperva

GET
H2 200 gabby-speechbubble.png
www.geico.com/includes/chatbot/images/ 1 KB
2 KB 37ms
34ms Image
image/png 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/includes/chatbot/images/gabby-speechbubble.png

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

83d87737a6e5ebbefe41c92a1a07117e89e531299f418cb8f04d2b42951d288e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /includes/chatbot/images/gabby-speechbubble.png
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
content-type: image/png
x-iinfo: 2-740354-740356 NNNN CT(91 92 0) RT(1633431130444 11) q(0 0 2 0) r(3 3) U5
x-xss-protection: 1; mode=block
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 1146
x-cdn: Imperva

GET
H2 200 gabby-face.png
www.geico.com/includes/chatbot/images/ 6 KB
6 KB 39ms
36ms Image
image/png 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/includes/chatbot/images/gabby-face.png

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

36601aac78ad3dee812df5ec8c9db84a0351e9df569eb3b1219377aae940d696

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /includes/chatbot/images/gabby-face.png
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
content-type: image/png
x-iinfo: 7-203242839-203242843 NNNN CT(103 109 0) RT(1633431402677 14) q(0 0 3 0) r(4 4) U5
x-xss-protection: 1; mode=block
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 5913
x-cdn: Imperva

GET
H2 200 chatbot.css
www.geico.com/includes/chatbot/ 3 KB
1 KB 20ms
15ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/includes/chatbot/chatbot.css

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f98db23e824e7b5a4eea38328acf1d224a9c56ad48878634e122fc597952b9bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /includes/chatbot/chatbot.css
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-16401628-16402383 SNNN RT(1633431110919 12433) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 824
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:55:51 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 sficon.js Show response
www.geico.com/public/scripts/ 3 KB
1 KB 23ms
19ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/sficon.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

12e1eb9a83e28c85cab1bb1fef59c6ab718158a79825c418cdd991acc442b5d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/scripts/sficon.js
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-924669-904677 PNNN RT(1633431133629 1) q(0 0 0 -1) r(0 0) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 664
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:53:39 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK LIVECHAT_STATIC_CSS
geico-crm.secure.force.com/resource/ 955 B
1 KB 1368ms
234ms Stylesheet
text/css 13.110.56.188
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-crm.secure.force.com/resource/LIVECHAT_STATIC_CSS

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.188 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.force.com

Software

Resource Hash

2fa8b84af43a96bf528b86688c171dca8ea4fb787cb2d153ed0d90c20c861365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:24 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 12 Aug 2021 10:40:21 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 344
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Nov 2021 18:17:24 GMT

GET
H/1.1 200
OK LIVECHAT_PARAMETERS Show response
geico-crm.secure.force.com/resource/ 1 KB
1 KB 1248ms
114ms Script
text/javascript 13.110.56.188
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-crm.secure.force.com/resource/LIVECHAT_PARAMETERS

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.188 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.force.com

Software

Resource Hash

613c5fbd0343f30dd4917ce643c77d5dfc440a0b576f5c8ccc88305b2b5b14a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:24 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 5 Aug 2021 08:47:31 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: text/javascript
Vary: Accept-Encoding
Content-Length: 411
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Nov 2021 18:17:24 GMT

GET
H2 200 _Incapsula_Resource Show response
www.geico.com/ 132 KB
19 KB 51ms
49ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1425537334

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

9f318115f0a125f734429a6d8ddde4cda94f63abac9c37c94cb55e4810c00c15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1425537334
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-security-policy: frame-ancestors 'self'
server-timing: edge; dur=1 origin; dur=10 cdn-cache; desc=MISS
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 18882
x-xss-protection: 1; mode=block
expires: Tue, 05 Oct 2021 18:17:23 GMT

GET
H2 200 LBAJ4-7RCLK-J6VHB-MN55E-J4AYH Show response
s.go-mpulse.net/boomerang/ Frame E257 202 KB
51 KB 36ms
9ms Script
application/javascript 104.111.214.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.229 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:23 GMT
content-encoding: br
last-modified: Tue, 14 Sep 2021 14:53:42 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 GEICOween_Logo_wht.svg
www.geico.com/public/images/ 3 KB
2 KB 41ms
40ms Image
image/svg+xml 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/images/GEICOween_Logo_wht.svg

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/css/design6/geico.com.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cd4925c501912913ce27240158c0353687fbab69877aab05f38a96410a28208c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/images/GEICOween_Logo_wht.svg
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/public/css/design6/geico.com.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/public/css/design6/geico.com.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-752088-750625 SNNN RT(1633433155938 3882) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 1177
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 11:26:01 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 lato-normal-400-latin.woff2
www.geico.com/public/design-kit/4.0/fonts/ 26 KB
26 KB 45ms
45ms Font
font/woff2 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/fonts/lato-normal-400-latin.woff2

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/css/design6/cache-base-css.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.geico.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
:path: /public/design-kit/4.0/fonts/lato-normal-400-latin.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.geico.com
referer: https://www.geico.com/public/css/design6/cache-base-css.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.geico.com/public/css/design6/cache-base-css.php
Origin: https://www.geico.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-151518493-151518497 NNNN CT(110 104 0) RT(1633431217001 31) q(0 0 2 0) r(3 3) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 25670
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 lato-normal-700-latin.woff2
www.geico.com/public/design-kit/4.0/fonts/ 25 KB
25 KB 46ms
45ms Font
font/woff2 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/fonts/lato-normal-700-latin.woff2

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/css/design6/cache-base-css.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.geico.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
:path: /public/design-kit/4.0/fonts/lato-normal-700-latin.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.geico.com
referer: https://www.geico.com/public/css/design6/cache-base-css.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.geico.com/public/css/design6/cache-base-css.php
Origin: https://www.geico.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 13-257205873-257205882 NNNN CT(109 106 0) RT(1633431220037 37) q(0 0 2 0) r(4 4) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 25025
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 geico.ttf
www.geico.com/public/design-kit/4.0/fonts/ 83 KB
47 KB 46ms
46ms Font
font/ttf 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/fonts/geico.ttf?r5709x

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/css/design6/cache-base-css.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2ecd99433a9bd49657324a1aabe6d9906daf9c14f814fbae30e615eed24446df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.geico.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
:path: /public/design-kit/4.0/fonts/geico.ttf?r5709x
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.geico.com
referer: https://www.geico.com/public/css/design6/cache-base-css.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.geico.com/public/css/design6/cache-base-css.php
Origin: https://www.geico.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-364498590-364498596 NNNN CT(105 109 0) RT(1633431220822 32) q(0 0 2 3) r(4 4) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 47876
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 g-cropped.png
www.geico.com/includes/chatbot/images/ 4 KB
5 KB 7ms
7ms Image
image/png 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/includes/chatbot/images/g-cropped.png

Requested by

Host: www.geico.com
URL: https://www.geico.com/includes/chatbot/chatbot.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

125d59e9ec5156eaa962616ad6a99f2204a5bff21c7139bd346ec6288b7ba4f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /includes/chatbot/images/g-cropped.png
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/includes/chatbot/chatbot.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/includes/chatbot/chatbot.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 14:59:45 GMT
server: Apache
date: Tue, 05 Oct 2021 18:17:23 GMT
x-frame-options: sameorigin
content-type: image/png
x-iinfo: 10-175673817-175673821 NNNN CT(109 105 0) RT(1633432637012 15) q(0 0 2 0) r(3 3) U5
x-xss-protection: 1; mode=block
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 4522
x-cdn: Imperva

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1633457843802
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1633457843802

364 B
1 KB

35ms
34ms

XHR
application/json

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1633457843802

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-200.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a4188698fdcdc7d0923a300b01f241dde946e28b683c0a9e02ead2cedb064fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0b6b44d4b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: cQxxLMv/SgM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.geico.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v018-0231ac4a8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.geico.com
X-TID: SpaKwGKJSgE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1633457843802
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 33 KB
12 KB 14ms
14ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:23 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:04:01 GMT
server: AkamaiNetStorage
etag: "4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12188
expires: Tue, 05 Oct 2021 19:17:23 GMT

GET
H2 200 quantum-geico.js Show response
cdn.quantummetric.com/qscripts/ 375 KB
88 KB 69ms
41ms Script
text/javascript 104.22.53.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-geico.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468c57f8761a187362da24967541bc7411fd75aeebfd1c7b667f90dfaab74340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 39
etag: W/"163302579977616330141659561633420806095"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 6998a5842b0e2c4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame E257 2 KB
1 KB 214ms
192ms XHR
application/json 2.21.141.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=LBAJ4-7RCLK-J6VHB-MN55E-J4AYH&d=www.geico.com&t=5444859&v=1.632.0&if=&sl=0&si=cw718chrjt-r0io50&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=294026
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.141.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6faf483c4a5a06f384ca87041b631948bae48a73bc41a88e49f8a82b50a97223

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 754

GET
H/1.1 200
OK dest5.html Show response
geico.demdex.net/ Frame A79D 7 KB
3 KB 132ms
32ms Document
text/html 54.154.124.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geico.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.124.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-124-189.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: geico.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.geico.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=28445859360835675222593024071279280097
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 5 Oct 2021 18:17:24 GMT
DCS: dcs-prod-irl1-2-v018-0dce05a19.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 23 Sep 2021 12:09:26 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: tr6k6/YiQyw=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
sadobeanalytics.geico.com/ 48 B
506 B 63ms
16ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sadobeanalytics.geico.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&mid=28188523024345307722565689810976033175&ts=1633457844006

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e49829a279f4c64c6fe65ddf89956943bea2cb6957f3ef510b2ab13b2d77f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:24 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-567564d5d5-wkcrq
vary: Origin
x-c: main-1531.I2ae8be.M0-520
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.geico.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YVyWtAAAAKDiwAP7
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=28445859360835675222593024071279280097
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVyWtAAAAKDiwAP7

42 B
943 B

33ms
33ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVyWtAAAAKDiwAP7

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-219-200.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0ce041da7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VXMMP8fsQG0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVyWtAAAAKDiwAP7
Date: Tue, 05 Oct 2021 18:17:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
geico.tt.omtrdc.net/rest/v1/ 278 B
503 B 127ms
40ms XHR
application/json 34.252.166.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geico.tt.omtrdc.net/rest/v1/delivery?client=geico&sessionId=abe4d3e122ce46619004c3c091eeb0cf&version=2.6.1
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6d2f0d22883653222c5182758d49ec34d0d083f84c3fa7465fa0bef09ebdfc1b

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.geico.com
date: Tue, 05 Oct 2021 18:17:24 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 99f11efc3e165c3d7979aae48ac5afae
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/ 30 KB
9 KB 1528ms
97ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

0d124fecbfd554e55a642450f43f4b86eea9a42685c1fc38e8b23f9c4367a1c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 15 Sep 2021 19:21:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 42ms
19ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071224235&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

bad297f747b5402153242013e0f7b7d6857e1bbf997b8b785d18447f6a173d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39257
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H2 200 RCd3ddf95ceb1f42d89ad6930803f05061-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/ 544 B
600 B 13ms
13ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/RCd3ddf95ceb1f42d89ad6930803f05061-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d111c37a72fcb3fbfbb6fedeaa7ac5298f0cd7b1f0b89bfcc182e5d69289d199

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:01 GMT
server: AkamaiNetStorage
etag: "1605d5952799aee415c5611fcee057d6:1632859441.27552"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 337
expires: Tue, 05 Oct 2021 19:17:25 GMT

GET
H2 200 _Incapsula_Resource
www.geico.com/ 1 B
365 B 10ms
10ms Image
text/plain 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/_Incapsula_Resource?SWKMTFSR=1&e=0.06486496784331619

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.06486496784331619
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemim5&sl=0&tt=0&bcn=%2F%2F6852bd0b.akstat.io%2F"; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Tue, 05 Oct 2021 18:17:25 GMT
x-frame-options: sameorigin
content-type: text/plain
cache-control: max-age=0, no-cache, no-store
content-security-policy: frame-ancestors 'self'
server-timing: edge; dur=1 origin; dur=2 cdn-cache; desc=MISS
x-robots-tag: noindex
content-length: 1
x-xss-protection: 1; mode=block
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H2 200 florida-zipcodes.js Show response
www.geico.com/public/scripts/ 26 KB
1 KB 8ms
8ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/florida-zipcodes.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/scripts/design6/global.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

22e98b4f2f3a88b91e8705ac6783646ebde3b16ac757cec7e29383b1f106aea8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/scripts/florida-zipcodes.js
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemim5&sl=0&tt=0&bcn=%2F%2F6852bd0b.akstat.io%2F"; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 6-117260926-117261188 NNNN CT(67 69 0) RT(1633431202382 18107) q(0 0 2 0) r(2 2) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 1024
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:53:43 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 geolocation.js Show response
www.geico.com/public/scripts/ 3 KB
1 KB 8ms
8ms XHR
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/geolocation.js

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

df5060f6254d6f5ca6a49f1d05339772ad3401412d238a0d9d258b3f7df35421

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemim5&sl=0&tt=0&bcn=%2F%2F6852bd0b.akstat.io%2F"; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==
:path: /public/scripts/geolocation.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.geico.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-13638836-13638837 NNNN CT(29 32 0) RT(1633431226735 4) q(0 0 1 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 993
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:53:48 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 RC2a0dfd909ba042088f226c9eb81b3855-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/ 845 B
782 B 13ms
13ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/RC2a0dfd909ba042088f226c9eb81b3855-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 48f1ddd84ccc7881e27ba4f5a0964df78e64181200b311bd2d0e8f79dccaa06a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:01 GMT
server: AkamaiNetStorage
etag: "1605d5952799aee415c5611fcee057d6:1632859441.27552"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 519
expires: Tue, 05 Oct 2021 19:17:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 25ms
24ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071224235&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

ff3b98aecdafe491af596221294c26e3ce24c9a3f0bacc043c27bdf8916ba8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38992
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 21ms
20ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-2992003&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071224235&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

2232fb97cd141b6841b8986bc2a3fb2c6a20a31532d4a9591404107b034f299d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37570
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 18:17:25 GMT

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame A8F3 90 B
424 B 370ms
121ms XHR
application/json 35.188.210.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1633457845091&v=1633457845203&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.188.210.33 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.210.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

eabda505fc8e9fd5f5ef0330e147a9dbedfc7338553ec998e38098afa13bb4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
geico-sync.quantummetric.com/ Frame A8F3 0
245 B 678ms
223ms XHR
application/json 35.223.68.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1633457845091&v=1633457845231&z=2&Q=1&Y=1&X=c4f112fb42214e3345c80d169a096750

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.223.68.91 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

91.68.223.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 18:17:25 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.geico.com
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 82ms
46ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:24 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: CA3D750C7EF148219D16A20F127029DF Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 RC27cbcc35060b401193d7b0391b461c3a-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/ 651 B
643 B 14ms
13ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/RC27cbcc35060b401193d7b0391b461c3a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cefbd68255cfb66378b868e6bf1904a798361d72a870d2d420f760f286c24e1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:01 GMT
server: AkamaiNetStorage
etag: "1605d5952799aee415c5611fcee057d6:1632859441.27552"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 380
expires: Tue, 05 Oct 2021 19:17:25 GMT

GET
H2 200 RC425b403428db4589a020193bcf2cc140-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/ 2 KB
988 B 14ms
13ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/RC425b403428db4589a020193bcf2cc140-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6592345af021110d0d9917703da9cb64ef16b7262ca7980a0b75d93413f18e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:01 GMT
server: AkamaiNetStorage
etag: "1605d5952799aee415c5611fcee057d6:1632859441.27552"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 725
expires: Tue, 05 Oct 2021 19:17:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 57ms
16ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 979
date: Tue, 05 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 05 Oct 2021 20:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 71ms
34ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071224235&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e92c1c99f4eb4964fd77bc9bd3e7e116391389a9247ea045c398d9176120d28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14415
x-xss-protection: 0
server: cafe
etag: 8532164750609382341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H3

200

activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15... Show response
2992003.fls.doubleclick.net/ Frame 1CD2
Redirect Chain

https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u...
https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=281885...

3 KB
2 KB

63ms
39ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-2992003&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

d87fb068465b0ac485dd7109f5bb5e39cd74b6653681cc6212d3015025c4a7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2992003.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geico.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 05 Oct 2021 18:17:25 GMT
expires: Tue, 05 Oct 2021 18:17:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1513
x-xss-protection: 0
set-cookie: IDE=AHWqTUkRlLPAuyMbVFEUvn0PVEsUNsfAOLQUvx3cXlCfm8XM0HURbf8yYvb4khOoY0o; expires=Thu, 05-Oct-2023 18:17:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 05 Oct 2021 18:17:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Sta...
2992003.fls.doubleclick.net/ 0
0 75ms
15ms Image
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2992003.fls.doubleclick.net/activityi;register_conversion=1;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 s67125138097148
sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.22.1-LBWB/ 43 B
349 B 16ms
16ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.22.1-LBWB/s67125138097148?AQB=1&ndh=1&pf=1&t=5%2F9%2F2021%2018%3A17%3A25%202%200&sdid=091F5889A452514A-41B8D1E2CAC21540&mid=28188523024345307722565689810976033175&aamlh=6&ce=UTF-8&ns=geico&pageName=Static%3AHomePage%3ADefault&g=https%3A%2F%2Fwww.geico.com%2F&cc=USD&events=event32&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=https%3A%2F%2Fwww.geico.com%2F&l2=Static%3AHomepageProductSelector%3AGroupA&l3=Static%3AHomepageProductSelector%3AIteration2&c5=2.22.1&c14=Non-Mobile%20App%20Experience&c15=v&v15=v&v16=%2B1&v18=Static%3AHomePage%3ADefault&v19=2%3A00PM-Tuesday&c21=spa%20update%20-%20load%20time%20not%20available&v21=Non-Mobile%20App%20Experience&c28=0921.005_P&v33=spa%20update%20-%20load%20time%20not%20available&c48=dom%20ready%20page%20view&c50=English&v55=https%3A%2F%2Fwww.geico.com%2F&v64=https%3A%2F%2Fgeico.quantummetric.com%2F%23%2Fusers%2Fsearch%3Fautoreplay%3Dtrue%26qmsessioncookie%3Dnull&v74=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F93.0.4577.63%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
x-content-type-options: nosniff
x-c: main-1531.I2ae8be.M0-520
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Oct 2021 18:17:25 GMT
server: jag
xserver: anedge-567564d5d5-9j8ws
etag: 3507824012207783936-4619879406176128869
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 04 Oct 2021 18:17:25 GMT

GET
H2 204 5118357.js Show response
bat.bing.com/p/action/ 0
128 B 51ms
50ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5118357.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 18:17:24 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 32A98F145D3D4AFD817072F306BC17FB Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 47ms
46ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5118357&Ver=2&mid=cb188853-b719-4ef9-9960-dcb1941c20df&sid=7dc465b0260811ec817189e4e18b9851&vid=7dc49cd0260811ec80d81d779f2d4558&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&p=https%3A%2F%2Fwww.geico.com%2F&r=&lt=2301&evt=pageLoad&msclkid=N&sv=1&rn=72039
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 05 Oct 2021 18:17:24 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D0CD934E711D49C6A81FBFB296DEBCBA Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
95 B 48ms
47ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5118357&Ver=2&mid=cb188853-b719-4ef9-9960-dcb1941c20df&sid=7dc465b0260811ec817189e4e18b9851&vid=7dc49cd0260811ec80d81d779f2d4558&vids=0&ec=homepage&el=default&ev=1&ea=goal&en=Y&evt=custom&msclkid=N&rn=789027
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 05 Oct 2021 18:17:24 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D9A9298966F7401994864B6E4BF789F2 Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
15ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=4936176&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geico.com%2F&ul=en-us&de=UTF-8&dt=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=987651976&gjid=942209029&cid=85265321.1633457845&tid=UA-34118221-1&_gid=1924665226.1633457845&_r=1&gtm=2ou9r0&cd1=ga%20pageview%20-%20page%20view&cd2=Static%3AHomePage%3ADefault&cd3=&cd5=1633457845019.toj6916k&cd7=&cd9=&cd10=&cd11=&cd12=28188523024345307722565689810976033175&cd13=&cd14=static&cd16=&cd35=10%2F05%2F2021%2018%3A17%3A25&cd36=&cd37=&cd40=https%3A%2F%2Fwww.geico.com%2F&cd41=&cd42=&cd43=&cd44=False&cd45=&cd46=&cd49=&cd50=&cd52=&cd53=&cd54=&cd55=&cd56=&cd57=&cd58=&cd59=&cd60=&cd61=&cd62=&cd63=&cd64=&cd65=&cd67=&cd68=&cd69=&cd70=&cd71=&cd72=&cd73=&cd74=&cd75=&cd78=&cd79=English&cd80=Original&cd81=&cd82=&cd15=&cd24=&cm8=&cm10=&cm11=&cm12=&cd19=&z=513326710

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 18:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geico.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
410 B 45ms
14ms XHR
text/plain 74.125.206.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-34118221-1&cid=85265321.1633457845&jid=987651976&gjid=942209029&_gid=1924665226.1633457845&_u=4GBAAUAAAAAAAC~&z=2122803960

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Oct 2021 18:17:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.geico.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 82ms
41ms Image
image/gif 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-34118221-1&cid=85265321.1633457845&jid=987651976&_u=4GBAAUAAAAAAAC~&z=484243125

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 18:17:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 1CD2 45 KB
17 KB 35ms
18ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 2992003.fls.doubleclick.net
URL: https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

439df5885089c84e5d6a7f3a0de94990d0a8efefe8452393d6b8a6476744e5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17619
x-xss-protection: 0
server: cafe
etag: 4495727085171687606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H2 200 dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=*;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3A...
adservice.google.com/ddm/fls/z/ Frame 1CD2 42 B
515 B 97ms
75ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=*;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 18:17:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 1CD2 34 KB
10 KB 45ms
44ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: 2992003.fls.doubleclick.net
URL: https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:24 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: 941D0ADEE4FA42F393CD84D3DA4392DC Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 1CD2 98 KB
26 KB 24ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: fgEDgap7lyPpBNFsw/81eWJ0FoGuvIUgKWw0pimkOF+at8hIDww0KX1cfHc44WUqewh4wkMPqrmHrir+dVP4lA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 05 Oct 2021 18:17:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 980746741982743 Show response
connect.facebook.net/signals/config/ Frame 1CD2 224 KB
67 KB 70ms
62ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/980746741982743?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

4d990de603bbb71ff307b34206061f28d331dffd5c10e75e19987272b9b38ce4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: TmyJF/MNLZPAsP0ox7WynMCieZjLNWeKRvTpTRGkftGdLgc1y75P6sSQvDR3Bzpe+Pw0arwQmqD+MQsZa0qfsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 05 Oct 2021 18:17:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071224235/ Frame 1CD2 43 B
618 B 45ms
20ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071224235/?random=1633457845486&cv=9&fst=1633457845486&num=1&label=urIBCIWI8QcQq6vm_gM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F2992003.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL7pgtXws_MCFYKGUQodsloDcw%3Bsrc%3D2992003%3Btype%3Dretar660%3Bcat%3Dhomep837%3Bord%3D1%3Bnum%3D9653074815803%3Bgtm%3D2od9r0%3Bauiddc%3D622534231.1633457845%3Bu1%3Du1%3Bu2%3D28188523024345307722565689810976033175%3Bu15%3Du15%3Bu16%3DStatic%253AHomePage%253ADefault%3Bu17%3Du17%3Bu18%3Du18%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.geico.com%252F%3F&ref=https%3A%2F%2Fwww.geico.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5707359.js Show response
bat.bing.com/p/action/ Frame 1CD2 0
94 B 232ms
231ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5707359.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 18:17:24 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: A44817EC6EE34FABBC5356A90746F71C Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 1CD2 0
95 B 45ms
44ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5707359&Ver=2&mid=6967a7e6-75ad-4c02-9fef-b479662139ab&sid=7dde37f0260811ec960667d8f8789f09&vid=7dde6c60260811eca5151398b9505311&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.geico.com%2F&r=&lt=210&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=245348
Requested by: Host: 2992003.fls.doubleclick.net
URL: https://2992003.fls.doubleclick.net/activityi;dc_pre=CL7pgtXws_MCFYKGUQodsloDcw;src=2992003;type=retar660;cat=homep837;ord=1;num=9653074815803;gtm=2od9r0;auiddc=622534231.1633457845;u1=u1;u2=28188523024345307722565689810976033175;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;ps=1;~oref=https%3A%2F%2Fwww.geico.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 05 Oct 2021 18:17:24 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C9B7A8B334C5462F9869ED7AB12778AF Ref B: PRG01EDGE1106 Ref C: 2021-10-05T18:17:25Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 1CD2 44 B
313 B 24ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=980746741982743&ev=PageView&dl=https%3A%2F%2F2992003.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL7pgtXws_MCFYKGUQodsloDcw%3Bsrc%3D2992003%3Btype%3Dretar660%3Bcat%3Dhomep837%3Bord%3D1%3Bnum%3D9653074815803%3Bgtm%3D2od9r0%3Bauiddc%3D622534231.1633457845%3Bu1%3Du1%3Bu2%3D28188523024345307722565689810976033175%3Bu15%3Du15%3Bu16%3DStatic%253AHomePage%253ADefault%3Bu17%3Du17%3Bu18%3Du18%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.geico.com%252F%3F&rl=https%3A%2F%2Fwww.geico.com%2F&if=true&ts=1633457845603&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=28&it=1633457845478&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 1CD2 44 B
101 B 24ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=980746741982743&ev=ViewContent&dl=https%3A%2F%2F2992003.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL7pgtXws_MCFYKGUQodsloDcw%3Bsrc%3D2992003%3Btype%3Dretar660%3Bcat%3Dhomep837%3Bord%3D1%3Bnum%3D9653074815803%3Bgtm%3D2od9r0%3Bauiddc%3D622534231.1633457845%3Bu1%3Du1%3Bu2%3D28188523024345307722565689810976033175%3Bu15%3Du15%3Bu16%3DStatic%253AHomePage%253ADefault%3Bu17%3Du17%3Bu18%3Du18%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.geico.com%252F%3F&rl=https%3A%2F%2Fwww.geico.com%2F&if=true&ts=1633457845605&cd[type]=HomepageDefault&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=28&it=1633457845478&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2992003.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 05 Oct 2021 18:17:25 GMT

GET
H2 200 / Show response
geico-app.quantummetric.com/ Frame A8F3 28 B
246 B 125ms
125ms XHR
application/json 35.188.210.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?s=0ced5d9d0918094990d2f2fcc754ec39&H=1aa1a30add61de057a0a7464&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.188.210.33 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.210.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame A8F3 0
166 B 120ms
119ms XHR
application/json 35.188.210.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1633457845091&v=1633457845741&H=1aa1a30add61de057a0a7464&s=0ced5d9d0918094990d2f2fcc754ec39&U=e1d3b89bc68eb9929caa2fcaae4069be&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.188.210.33 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.210.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame A8F3 0
166 B 120ms
120ms XHR
application/json 35.188.210.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1633457845091&v=1633457845868&H=1aa1a30add61de057a0a7464&s=0ced5d9d0918094990d2f2fcc754ec39&z=1&S=9344&N=20&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.188.210.33 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.210.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Oct 2021 18:17:25 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK common.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/utils/ 3 KB
2 KB 95ms
95ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 19 Apr 2021 22:40:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:26 GMT

GET
H2 200 RC9a5be3010f524186897c9b833d9b3c24-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/ 386 B
517 B 17ms
17ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/RC9a5be3010f524186897c9b833d9b3c24-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3e85bf86c1c3323f92f31f0ccde22c57a16f77f0b33a8cc069fd8d139f1dc13d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:26 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:01 GMT
server: AkamaiNetStorage
etag: "1605d5952799aee415c5611fcee057d6:1632859441.27552"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 254
expires: Tue, 05 Oct 2021 19:17:26 GMT

GET
H2 200 s64499163037120
sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.22.1-LBWB/ 43 B
314 B 17ms
17ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.22.1-LBWB/s64499163037120?AQB=1&ndh=1&pf=1&t=5%2F9%2F2021%2018%3A17%3A26%202%200&mid=28188523024345307722565689810976033175&aamlh=6&ce=UTF-8&ns=geico&pageName=Static%3AHomePage%3ADefault&g=https%3A%2F%2Fwww.geico.com%2F&cc=USD&c2=https%3A%2F%2Fwww.geico.com%2F&l2=Static%3AHomepageProductSelector%3AGroupA&l3=Static%3AHomepageProductSelector%3AIteration2&c5=2.22.1&c14=Non-Mobile%20App%20Experience&c15=v&v15=v&v18=Static%3AHomePage%3ADefault&v21=Non-Mobile%20App%20Experience&c28=0921.005_P&c46=GVA%3AVirtualAssistantAvailable&c48=updatedatanopageturn%20-%20lowercase%20t&c50=English&c53=85265321.1633457845&v55=https%3A%2F%2Fwww.geico.com%2F&v64=https%3A%2F%2Fgeico.quantummetric.com%2F%23%2Fusers%2Fsearch%3Fautoreplay%3Dtrue%26qmsessioncookie%3D0ced5d9d0918094990d2f2fcc754ec39&v74=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F93.0.4577.63%20Safari%2F537.36&pe=lnk_o&pev2=updatedatanopageturn%20-%20lowercase%20t&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&lrt=18&AQE=1

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:26 GMT
x-content-type-options: nosniff
x-c: main-1531.I2ae8be.M0-520
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Oct 2021 18:17:26 GMT
server: jag
xserver: anedge-567564d5d5-nwcnr
etag: 3507824014844067840-4619594478045444321
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 04 Oct 2021 18:17:26 GMT

GET
H/1.1 200
OK esw.min.css
geicoinsurance.my.salesforce.com/embeddedservice/5.0/ 9 KB
5 KB 97ms
97ms Stylesheet
text/css 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.css

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:26 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/client/ 20 KB
6 KB 201ms
104ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 28 Apr 2021 04:42:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:26 GMT

GET
H2 200 OrchestratorMain.js Show response
www.geico.com/public/design-kit/4.0/qualtrics/ 79 KB
17 KB 9ms
8ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fd093e9b0608d6c7f56f32ead8e0fafe244622696db732e8b821e43336fc1ff6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/design-kit/4.0/qualtrics/OrchestratorMain.js
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemim5&sl=0&tt=0&bcn=%2F%2F6852bd0b.akstat.io%2F"; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==; _gcl_au=1.1.622534231.1633457845; utm_gpv_pageName=Static%3AHomePage%3ADefault; s_cc=true; _uetsid=7dc465b0260811ec817189e4e18b9851; _uetvid=7dc49cd0260811ec80d81d779f2d4558; _ga=GA1.2.85265321.1633457845; _gid=GA1.2.1924665226.1633457845; _gat_gtag_UA_34118221_1=1; QuantumMetricSessionID=0ced5d9d0918094990d2f2fcc754ec39; QuantumMetricUserID=e1d3b89bc68eb9929caa2fcaae4069be
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 13-136640559-136689516 NNNN CT(62 63 0) RT(1633435217266 220494) q(0 0 1 0) r(2 2) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 17363
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:03:59 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 RC2bae8f3a7c3242d7bf656de6efd5cf0e-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/ 1 KB
902 B 21ms
21ms Script
application/x-javascript 104.85.0.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/aec2e3db641a/RC2bae8f3a7c3242d7bf656de6efd5cf0e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.0.236 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c69471ac0da24eb182df70d5e885d36e6912e14efa95a1721e65c2bfa94be712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:26 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 20:04:01 GMT
server: AkamaiNetStorage
etag: "1605d5952799aee415c5611fcee057d6:1632859441.27552"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.geico.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 639
expires: Tue, 05 Oct 2021 19:17:26 GMT

GET
H/1.1 200
OK Cookie set esw.html Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/ Frame 0FCC 194 B
880 B 97ms
97ms Document
text/html 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: geicoinsurance.my.salesforce.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.geico.com/
Accept-Encoding: gzip, deflate, br
Cookie: BrowserId_sec=fnbuTyYIEeyK3G_Ijcsp1g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/

Response headers

Date: Tue, 05 Oct 2021 18:17:26 GMT
Set-Cookie: CookieConsentPolicy=0:0; domain=geicoinsurance.my.salesforce.com; path=/; expires=Wed, 05-Oct-2022 18:17:26 GMT; Max-Age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Wed, 06 Oct 2021 18:17:26 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

POST
H2 200 Targeting.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 380ms
322ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0ThecsUJSizKNzD&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ebe626fc4c7ebfabdd56a88aee689dfc08f17e6e5c9203932874d76899b751e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 9
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.geico.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 3685cacd4386d962
cf-ray: 6998a5977fe14dca-FRA

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 35ms
8ms Script
text/javascript 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 260
etag: "494b4c270c41c5456742136e682b1007"
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Tue, 05 Oct 2021 18:13:06 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-length: 23861
x-amz-cf-id: Km3wuOUuviIcoiarlQQ7aAOfyEWX7KCj8eyj_YP9R5jdVZk4m2xZ6Q==

GET
H2 200 _r Show response
app.link/ 90 B
567 B 206ms
166ms Script
text/javascript 13.224.193.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_cdx48HLr92TSxZjby6NtdfepDDfcfxpz&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-44.fra2.r.cloudfront.net

Software

openresty / Express

Resource Hash

15fd247bb7a978f15ba64674a2be22f161b61c408620eb91ff25d0ab3669e296

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-A8//rgGx4fg27NJ14BWiioEz4G0"
x-amz-cf-id: HV-bN1mSyK6xUzuy7Op_zprb5wopIMT8ggVS1k8E5xGVp4I0o0hCZg==

GET
H/1.1 200
OK eswFrame.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/ Frame 0FCC 5 KB
2 KB 96ms
96ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/ Frame 0FCC 2 KB
1 KB 96ms
95ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/ Frame 0FCC 2 KB
1 KB 96ms
96ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 267 B
579 B 199ms
171ms XHR
application/json 13.225.87.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-109.fra2.r.cloudfront.net
Software: /
Resource Hash: e39e316883e41826bcd4b8aaac5b8d6bf5356b958cd5d292b869bf727b87ebda

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 120f27ddcead4826aac2d02c7cd9b3ce-2021100518
content-length: 267
x-amz-cf-id: g9uKTIYj0sK1UeHE6vpUvsQ9iBNz6Pr3OQLSWdIg4g_aBDiTG69K3w==

GET
H/1.1 200
OK chasitor.esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/ Frame 0FCC 22 KB
6 KB 97ms
97ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 22 Mar 2021 16:55:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 18 KB
4 KB 562ms
98ms Script
text/javascript 13.110.57.222
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5e000000KbIN&EmbeddedServiceConfig.configName=Chat_VA_Static&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.57.222 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com

Software

Resource Hash

5913f536f005d65e38fe664c938773df68ca83be7bff82fbcbde5709a04efb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/client/ 18 KB
5 KB 97ms
97ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 15 Apr 2021 16:21:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

GET
H2 200 CoreModule.js Show response
www.geico.com/public/design-kit/4.0/qualtrics/ 114 KB
31 KB 9ms
8ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/qualtrics/CoreModule.js?Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a7c4a087ac16214e67b4d06ff7f3b2fd7688b5441676a9e693e5fc79b0da582e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/design-kit/4.0/qualtrics/CoreModule.js?Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==; _gcl_au=1.1.622534231.1633457845; utm_gpv_pageName=Static%3AHomePage%3ADefault; s_cc=true; _uetsid=7dc465b0260811ec817189e4e18b9851; _uetvid=7dc49cd0260811ec80d81d779f2d4558; _ga=GA1.2.85265321.1633457845; _gid=GA1.2.1924665226.1633457845; _gat_gtag_UA_34118221_1=1; QuantumMetricSessionID=0ced5d9d0918094990d2f2fcc754ec39; QuantumMetricUserID=e1d3b89bc68eb9929caa2fcaae4069be; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemhwp&sl=1&tt=36y&bcn=%2F%2F6852bd0b.akstat.io%2F"; s_plt=4.14; s_pltp=Static%3AHomePage%3ADefault
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-4682161-4685361 SNNN RT(1633431159190 50501) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 31210
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:53:32 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/ Frame 0FCC 473 B
899 B 96ms
96ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/ 346 B
676 B 467ms
97ms Script
text/javascript 13.110.57.222
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735e000000pKHc]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725e000000pLA5&org_id=00D5e000000KbIN&version=48

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.57.222 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com

Software

Resource Hash

84cfc6d3a3121d37bc0b81dc34f924e4e828d76915342f797b39ef21f7c18a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
geicoinsurance.my.salesforce.com/embeddedservice/5.0/utils/ 8 KB
3 KB 95ms
95ms Script
application/x-javascript 13.110.56.187
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: geicoinsurance.my.salesforce.com
URL: https://geicoinsurance.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.56.187 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg1-c5-iad4.na162-ia4.my.salesforce.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 18:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Oct 2021 18:17:27 GMT

POST
H2 200 Targeting.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 409ms
409ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0ThecsUJSizKNzD&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs&t=1633457847295&Q_VSI=%7B%22SI_0lne77E50rZSyl7%22%3A%22AS_9WZFaoG0wFV632t%22%2C%22SI_ebrThfvrduW3xsh%22%3A%22DependencyResolver%22%7D&Q_DPR=true

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcd10e7e342391ae814cd982bd2aaf41a426afb3e5bb8a8cf3c5f96170f3bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 8
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.geico.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 5fb1d2fc028c6494
cf-ray: 6998a5999ce74dca-FRA

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
386 B 202ms
202ms XHR
application/json 13.225.87.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-109.fra2.r.cloudfront.net
Software: / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: cb797aa58dbb43c5b61ff516a607331c-2021100518
content-length: 29
x-amz-cf-id: MjAcsBa_KW5aip8ndPFFYT1r78XEoFnZGAVZ9JgqKYz6LijFi8iv2Q==

POST
H2 204 /
6852bd0b.akstat.io/ 0
201 B 198ms
197ms Ping
image/gif 104.111.214.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd0b.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.214.229 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 18:17:27 GMT
content-type: image/gif
access-control-allow-origin: https://www.geico.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 05 Oct 2021 18:17:27 GMT

GET
H2 200 LinkModule.js Show response
www.geico.com/public/design-kit/4.0/qualtrics/ 3 KB
1 KB 10ms
8ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/qualtrics/LinkModule.js?Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

42b5b7e709a508eabeb712167e50d530bf7cae0b4b261e5841df18007cfba96c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/design-kit/4.0/qualtrics/LinkModule.js?Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==; _gcl_au=1.1.622534231.1633457845; utm_gpv_pageName=Static%3AHomePage%3ADefault; s_cc=true; _uetsid=7dc465b0260811ec817189e4e18b9851; _uetvid=7dc49cd0260811ec80d81d779f2d4558; _ga=GA1.2.85265321.1633457845; _gid=GA1.2.1924665226.1633457845; _gat_gtag_UA_34118221_1=1; QuantumMetricSessionID=0ced5d9d0918094990d2f2fcc754ec39; QuantumMetricUserID=e1d3b89bc68eb9929caa2fcaae4069be; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemhwp&sl=1&tt=36y&bcn=%2F%2F6852bd0b.akstat.io%2F"; s_plt=4.14; s_pltp=Static%3AHomePage%3ADefault
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 14-10503248-10530819 NNNN CT(28 31 0) RT(1633431146762 111922) q(0 0 1 1) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 1000
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:54:19 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 FeedbackButtonModule.js Show response
www.geico.com/public/design-kit/4.0/qualtrics/ 52 KB
17 KB 12ms
10ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/qualtrics/FeedbackButtonModule.js?Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e2b5671acbca6793df6eac5b249000ad794b66b41b94b05cafd188b44d3b8e03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /public/design-kit/4.0/qualtrics/FeedbackButtonModule.js?Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs
pragma: no-cache
cookie: experiment1=HomepageProductSelector_GroupA; visid_incap_1684653=YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9; incap_ses_1368_1684653=e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==; AKA_A2=A; RT="z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"; at_check=true; AMCVS_71FF20B3534568190A490D45%40AdobeOrg=1; s_ecid=MCMID%7C28188523024345307722565689810976033175; mbox=session#abe4d3e122ce46619004c3c091eeb0cf#1633459705|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645; AMCV_71FF20B3534568190A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0; _gaSession=1633457845019.toj6916k; ___utmvc=+Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==; _gcl_au=1.1.622534231.1633457845; utm_gpv_pageName=Static%3AHomePage%3ADefault; s_cc=true; _uetsid=7dc465b0260811ec817189e4e18b9851; _uetvid=7dc49cd0260811ec80d81d779f2d4558; _ga=GA1.2.85265321.1633457845; _gid=GA1.2.1924665226.1633457845; _gat_gtag_UA_34118221_1=1; QuantumMetricSessionID=0ced5d9d0918094990d2f2fcc754ec39; QuantumMetricUserID=e1d3b89bc68eb9929caa2fcaae4069be; RT="z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemhwp&sl=1&tt=36y&bcn=%2F%2F6852bd0b.akstat.io%2F"; s_plt=4.14; s_pltp=Static%3AHomePage%3ADefault
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.geico.com
referer: https://www.geico.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-17332693-17340439 NNNN CT(31 30 0) RT(1633431138259 71112) q(0 0 1 2) r(1 1) U5
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
content-length: 16786
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 10:53:31 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Tue, 05 Oct 2021 18:17:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 47ms
29ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ebrThfvrduW3xsh&Version=16&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce996d87090081b095f9957984661db372065e7ec4c937fcbc1124d9546a52c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86962
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6998a59c4840431b-FRA
servershortname
expires: Thu, 02 Oct 2031 18:08:05 GMT

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
645 B 48ms
30ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6PeYmRlS2YFT301&Version=1&Q_InterceptID=SI_ebrThfvrduW3xsh&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b35e5b5a026a91af332e36dc7cd923e97c06635c1f344d4b304987a51e792b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 311832
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6998a59c4849431b-FRA
servershortname
expires: Tue, 30 Sep 2031 03:40:15 GMT

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 57ms
39ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0lne77E50rZSyl7&Version=17&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e7e40dc937577d793544d57a606d73613df4ef3ffc4c14d7e457153694af321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86962
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6998a59c4850431b-FRA
servershortname
expires: Thu, 02 Oct 2031 18:08:05 GMT

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 222 B
273 B 59ms
42ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_bDysCase0gxgEbb&Version=1&Q_InterceptID=SI_0lne77E50rZSyl7&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5255af40c47d3009505994f334490cfac6102425238909c52cc1c437ed096272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 382692
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6998a59c484c431b-FRA
servershortname
expires: Mon, 29 Sep 2031 07:59:15 GMT

POST
H2 200 / Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
124 B 404ms
404ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_bDysCase0gxgEbb&Q_SIID=SI_0lne77E50rZSyl7&Q_ASID=AS_9WZFaoG0wFV632t&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs&r=1633457847777

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 45
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geico.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 09bb321f167b3904
cf-ray: 6998a59c9920431b-FRA

POST
H2 200 / Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
239 B 382ms
382ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6PeYmRlS2YFT301&Q_SIID=SI_ebrThfvrduW3xsh&Q_ASID=AS_76884371&Q_CLIENTVERSION=1.24.1&Q_CLIENTTYPE=hostedjs&r=1633457847780

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Oct 2021 18:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 45
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geico.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: a913e490f5344608
cf-ray: 6998a59ca932431b-FRA

GET
H2 200 wr-dialog-close-btn-white.png
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 254 B
526 B 34ms
34ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:17:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14302929
cf-polished: origSize=759
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
content-length: 254
last-modified: Tue, 20 Apr 2021 18:30:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 6998a59cabaf4dca-FRA
servershortname
expires: Mon, 21 Apr 2031 05:15:18 GMT

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geico.com/	1970-01-19 21:57:50	Name: experiment1 Value: HomepageProductSelector_GroupA
.geico.com/	1970-01-20 06:28:46	Name: visid_incap_1684653 Value: YLwX4x6+Q6ytfBformNYEbKWXGEAAAAAQUIPAAAAAAAR0vsD6syB5BgxhaIq72i9
.geico.com/	1969-12-31 23:59:59	Name: incap_ses_1368_1684653 Value: e20MOENTUXqm85XK+hz8ErKWXGEAAAAAMsvLnjKdvEVDTEnNm3tAqQ==
.geico.com/	1970-01-19 21:44:21	Name: AKA_A2 Value: A
.geico.com/	1970-01-19 21:54:22	Name: RT Value: "z=1&dm=geico.com&si=cw718chrjt&ss=kueemim5&sl=0&tt=0"
.geico.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 02:03:29	Name: demdex Value: 28445859360835675222593024071279280097
.geico.com/	1969-12-31 23:59:59	Name: AMCVS_71FF20B3534568190A490D45%40AdobeOrg Value: 1
.geico.com/	1970-01-20 15:15:29	Name: s_ecid Value: MCMID%7C28188523024345307722565689810976033175
.everesttech.net/	1970-01-20 06:29:53	Name: everest_g_v2 Value: g_surferid~YVyWtAAAAKDiwAP7
.geico.com/	1970-01-20 15:18:22	Name: mbox Value: session#abe4d3e122ce46619004c3c091eeb0cf#1633459705\|PC#abe4d3e122ce46619004c3c091eeb0cf.37_0#1696702645
.dpm.demdex.net/	1970-01-20 02:03:29	Name: dpm Value: 28445859360835675222593024071279280097
.geico.com/	1970-01-20 15:15:29	Name: AMCV_71FF20B3534568190A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18906%7CMCMID%7C28188523024345307722565689810976033175%7CMCAAMLH-1634062644%7C6%7CMCAAMB-1634062644%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1633465044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18913%7CvVersion%7C5.2.0
.force.com/	1970-01-20 06:29:53	Name: BrowserId_sec Value: fX6E0iYIEeyvsgs8jgVA1w
.geico.com/	1969-12-31 23:59:59	Name: _gaSession Value: 1633457845019.toj6916k
www.geico.com/	1970-01-19 21:44:17	Name: ___utmvc Value: +Sg4hz4NgQsnAM2iAiYbs66VRYMLyNuO36+T8dhhsx/RUCOuelDZdBebosS1eqahKKVmGDsduvQaAGr4dztvEuB2Dma4+nLgbP28jPdz/yaQecKjWrZ9m+t092wKmVE8LuXhhpPEpdqfA5owFUN6STm5ONnNLbaM+dUsYIAZWcQYfdFtcrvTKtxPoD5fS1RQ9GDzRPubwewASbH0bMw4juMn0nUnqrivTJK5SnLpxtsFep1P07wWGS6fzy9CzqZfu76wmFuVhtOiCMGDmQ8BFfn3jv6jaP01tMP5qiozEWxDokMKmPyfjjGnWAOdvTHkR/qcRVDRlB3MdWaLgF5o/1mB7Oi3LNMvbIMZ2k0MFN+vhOnH2UOJ2n00dg35o+epvG+31K70dhRmuVTBqGhIP9LynLxPbXMigE+swBXX9Am2Z/k3MYQtNTeRMjvOSPdpaefoo49CUGvpB6nwe3WKA/nez/GcHhYmuuiszWGI0UyQO8IQGQIR/636vjoEgpIf3Z9hZw4Hcif/HQZaNMrqu4kQAjst10ihdxKYtb6vOe/AAC/HM+S8WuVTsmRwdM9AE24rZsX4XpFFTxBrEH9bH/kcZMVvpzUzObKUVc+fcqCl9Fxip5gig0VOi2dn9xA9vfl9hbamNDtW24DDv822LHGENgSZhDfNIcv0S8yIg2czsgsrxjhWNEG/dS3uJ3+mBxQYJ2Y9CLbgMl665qIIK9LxrOFCYibthZI21s9zXxRdNOyzS1AIEIEGgfNOd0e32jDHzP6Ssv9ZzRnVgrQt0gczI5loJuHLdBtl4uI0HTcMgFFCyLDm+OVvFAEsqRFFK200gxYR/dGtKfRg4dBM78AzXVIu+u59U1EIeoPXI0VTx55w8cu2ECT+l8Uo4f3+/zDePKQJIDjFWH5VMknxUEevCyYt16BW6r82xJ48lluNFRf3T++KEBXTIMdbMb5VF6xBWm019PL9pi1m5UpjPVY6LyFFCdjVsMHZouXtPHQImMFfsOqN9fJi2atA++UpwKkqUoTmMormqYT4KrzdUU5mMJpz9HDqMmrx1EN9ok0jVTPMod70qoTSUaghodNC78sMxMGm16vBvdQubkp1mIgzMhH+JRUmcCMrDgdYCbq+7DwW/5D3beUntPs/NBOtSKi3IV27RHtuJrcQRHm5dcaOGjWUQHGeA2ejEfjZvNc98+4EAF9PSRYFV5Y/w3i68Ipz5XLY5AIgUo9fDKy71mslNuNe/OvwQ3yVBU7heW05xrTZ9WEWfkPCj8dO+PuzbBn3aUyoiEaJeRx9vXFvTbGPH6pXABRRhfr7R9ZFE5luetT1yPED51bItr4+rhQGpZh2Kx9BaQzs5b0yIcVioKxT1hNfIT+O34tGbRMo2wgcmzpBaSVH5grmF/EiAE5RVZqs5ihnkvwAZHVqaaECe8MvHqrVj53ksubmrSbkzSz0bd+Vn7JkxB/yhLqlvQjWMLKYC2DDxypC58OIIZeVKLajOJ7jJtgrGIaSZwWFFP9E7NFpYgDtyIXzSzZ2/0vUAJTtXTS4aNE4mB3NlYlWI9wj6RYecvSru3u0sqSSOcTvqrQNkodxsOxraS3u01R0IMMjt1T5qTGNeJ8XHUqATN3WqpedOX9EYUONshrfTygoaISwQeXKMZkocIOu4hdyTLz4hC6dy68PiR6+Cca/1Ua/924w6VTfGOHIvuCn/UE1/eQGTLe86A2uhyTPF5koWWAjAtgmVzNcVfdOSqifsdUr7HgEWpWlhZmMSVU3uO/zNZxpjtoO1W8u+pAH/oZuL6L1f/Fo2CjJV6wScKmGoe0Mqd/CotrIUyd4zJcQjmwLeVOQnpBjwrcUT6hd5bk9gRjK/F7n64dXZSvnVXKS4I2a1HsbUeiZmMfVNw7ydH14Vye6Fz1P2/a6TZFtpChbA12FiuN1WuyLWcKLiDFCjz3xMYunVL/MSLtUiClZPj2QaTT2NiOl5uvkYeEdXqCWfYPIgMbHA29LcfptwnvtMhKcSArsl9A1E+C3Z4rjlOf0Ix3NSQNINVsWBcooGUkW3zEc78Kk1N8yKMmmIGV25CrGUStSOyiul7HaS0s9IWYdTTCc2KE+Dn/G/mu2h6PIE68ZxEWmAKmWZBYkpvKRXxz5PSVJ4m+3v2zRxZy/Q9jIU2G/X+clwh7NdBZ3VtB+dFtzPSpDNjKh7oeF+A2FoFMaU7bbo+ld3eKpB7Dclh04x605D7aAs9/qa/QEPvuvnWjg6507ybViEDarb4LuYTmicxrog7JHV1/H6v/c9lm1bbnJc+TGiGaiQDIEMGwlfoJQmypATvVHk1sNNbtosKh8WrdTvPLFzBsV/wBAFjc/TbeIxjZacUuIZSbdvp2qgUowWT51u5t0APHoeQ2JaOkKXM4h6l1adkQfJRw2Mj1maoOF+xrNcXz5JEZz3RStR8neRaXJ4aUH2ekbCUgHGRx0CXyIxOYWl1Z1Y53KMnIUiZRXV+7Z2m508+tlm/7NtcMfaADeErkNNtskGGH37yJ1XD7STzQAWtOdt5f1l+Wiz6mYbg+gwg0Nee/KK8hArSgOWqZ8ETN/5vahbgiavySB2SRz7rX2kqJUz/caG+HoshdTcRSyr3jtUR2jdVZQOnRHj8eiX76/MR8lJhq1MwtCTQUA0wmxU89Vo6Xd101boY8Gdh8ME3fvuLcKjbMpt3eAFLFf1qyYLGRpZ2VzdD0xODQ5NTMscz04NTk5OGE4MDdkYTU4MTg1YWI4YzhkNmI3MjgzYWNhZGExYTU2MmEzYTVhNDY1ODg3ZTlmOWRhOGFjODBhMjlkN2Y5ZWFlOGI3Nzg5NzE3Ng==
.geico.com/	1970-01-19 23:53:53	Name: _gcl_au Value: 1.1.622534231.1633457845
.geico.com/	1970-01-19 21:44:19	Name: utm_gpv_pageName Value: Static%3AHomePage%3ADefault
.geico.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.bing.com/	1970-01-20 07:05:53	Name: MUID Value: 3E32A15C765061BC26F0B19B771260F9
.geico.com/	1970-01-19 21:45:44	Name: _uetsid Value: 7dc465b0260811ec817189e4e18b9851
.geico.com/	1970-01-20 07:05:53	Name: _uetvid Value: 7dc49cd0260811ec80d81d779f2d4558
.geico.com/	1970-01-20 15:15:29	Name: _ga Value: GA1.2.85265321.1633457845
.geico.com/	1970-01-19 21:45:44	Name: _gid Value: GA1.2.1924665226.1633457845
.geico.com/	1970-01-19 21:44:17	Name: _gat_gtag_UA_34118221_1 Value: 1
.doubleclick.net/	1970-01-20 15:15:29	Name: IDE Value: AHWqTUkRlLPAuyMbVFEUvn0PVEsUNsfAOLQUvx3cXlCfm8XM0HURbf8yYvb4khOoY0o
geico-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 0ced5d9d0918094990d2f2fcc754ec39
geico-app.quantummetric.com/	1970-01-20 06:29:53	Name: U Value: e1d3b89bc68eb9929caa2fcaae4069be
.geico.com/	1970-01-19 21:44:19	Name: QuantumMetricSessionID Value: 0ced5d9d0918094990d2f2fcc754ec39
.geico.com/	1970-01-20 06:29:53	Name: QuantumMetricUserID Value: e1d3b89bc68eb9929caa2fcaae4069be
.salesforce.com/	1970-01-20 06:29:53	Name: BrowserId_sec Value: fnbuTyYIEeyK3G_Ijcsp1g
.www.geico.com/	1970-01-19 21:54:22	Name: RT Value: "z=1&dm=www.geico.com&si=edad80a5-3e50-49a1-a3d3-a5e2ec8598c2&ss=kueemhwp&sl=1&tt=36y&bcn=%2F%2F6852bd0b.akstat.io%2F"
.geico.com/	1969-12-31 23:59:59	Name: s_plt Value: 4.14
.geico.com/	1969-12-31 23:59:59	Name: s_pltp Value: Static%3AHomePage%3ADefault
.app.link/	1970-01-20 06:29:53	Name: _s Value: vKIkVpxAeNQ3oUOAO0GHHpD3IuEUcqdJ0iQlLUm3HMysI3WC0IgrS0Mqtylv6a3h

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2992003.fls.doubleclick.net
6852bd0b.akstat.io
adservice.google.com
api2.branch.io
app.link
assets.adobedtm.com
bat.bing.com
c.go-mpulse.net
cdn.branch.io
cdn.quantummetric.com
cm.everesttech.net
connect.facebook.net
d.la4-c1-ia4.salesforceliveagent.com
dpm.demdex.net
geico-app.quantummetric.com
geico-crm.secure.force.com
geico-sync.quantummetric.com
geico.demdex.net
geico.tt.omtrdc.net
geicoinsurance.my.salesforce.com
googleads.g.doubleclick.net
s.go-mpulse.net
sadobeanalytics.geico.com
stats.g.doubleclick.net
www.facebook.com
www.geico.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com
104.111.214.229
104.111.245.152
104.17.209.240
104.22.53.252
104.85.0.236
13.107.21.200
13.110.56.187
13.110.56.188
13.110.57.222
13.224.193.44
13.225.87.109
142.250.184.194
142.250.184.196
142.250.184.230
142.250.186.162
142.250.186.34
142.250.74.206
143.204.98.69
15.188.95.229
157.240.20.19
157.240.20.35
172.217.16.136
2.21.141.59
34.252.166.160
35.188.210.33
35.223.68.91
54.154.124.189
54.171.219.200
54.75.68.230
74.125.206.154
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0d124fecbfd554e55a642450f43f4b86eea9a42685c1fc38e8b23f9c4367a1c1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125d59e9ec5156eaa962616ad6a99f2204a5bff21c7139bd346ec6288b7ba4f1
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
12e1eb9a83e28c85cab1bb1fef59c6ab718158a79825c418cdd991acc442b5d5
15fd247bb7a978f15ba64674a2be22f161b61c408620eb91ff25d0ab3669e296
167db17ca4c286af830054d0dc8e2d987df599457969fad78451722d012546ee
20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4
20ffcf9060e62f5b99878519e86093ff52430ccd7d04f29344066b9cbe7ee745
2232fb97cd141b6841b8986bc2a3fb2c6a20a31532d4a9591404107b034f299d
22e98b4f2f3a88b91e8705ac6783646ebde3b16ac757cec7e29383b1f106aea8
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31
2ba96557ce30b48442ebf51491e8631eb15978162501dd60bf5ec007dbb99da0
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2ecd99433a9bd49657324a1aabe6d9906daf9c14f814fbae30e615eed24446df
2fa8b84af43a96bf528b86688c171dca8ea4fb787cb2d153ed0d90c20c861365
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
36601aac78ad3dee812df5ec8c9db84a0351e9df569eb3b1219377aae940d696
3e7788dc01d349de31ed9a5b0172a01777548cc1b105b3b759c2562b9c07f602
3e85bf86c1c3323f92f31f0ccde22c57a16f77f0b33a8cc069fd8d139f1dc13d
42b5b7e709a508eabeb712167e50d530bf7cae0b4b261e5841df18007cfba96c
439df5885089c84e5d6a7f3a0de94990d0a8efefe8452393d6b8a6476744e5a5
468c57f8761a187362da24967541bc7411fd75aeebfd1c7b667f90dfaab74340
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
48f1ddd84ccc7881e27ba4f5a0964df78e64181200b311bd2d0e8f79dccaa06a
4d990de603bbb71ff307b34206061f28d331dffd5c10e75e19987272b9b38ce4
4e7e40dc937577d793544d57a606d73613df4ef3ffc4c14d7e457153694af321
4ebe626fc4c7ebfabdd56a88aee689dfc08f17e6e5c9203932874d76899b751e
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980
5255af40c47d3009505994f334490cfac6102425238909c52cc1c437ed096272
54449a28e1d14ca4108c105adc369ada0efc1682f76352712105b0eb768ac5f7
55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187
5913f536f005d65e38fe664c938773df68ca83be7bff82fbcbde5709a04efb32
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
613c5fbd0343f30dd4917ce643c77d5dfc440a0b576f5c8ccc88305b2b5b14a4
63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e
6d2f0d22883653222c5182758d49ec34d0d083f84c3fa7465fa0bef09ebdfc1b
6d7b06dc53dd7862f4e6016ee7e13fd16bb571ebc0f0fe562654da7303c72b27
6faf483c4a5a06f384ca87041b631948bae48a73bc41a88e49f8a82b50a97223
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83d87737a6e5ebbefe41c92a1a07117e89e531299f418cb8f04d2b42951d288e
84cfc6d3a3121d37bc0b81dc34f924e4e828d76915342f797b39ef21f7c18a81
8b35e5b5a026a91af332e36dc7cd923e97c06635c1f344d4b304987a51e792b3
8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b
8fcd10e7e342391ae814cd982bd2aaf41a426afb3e5bb8a8cf3c5f96170f3bde
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82
9f318115f0a125f734429a6d8ddde4cda94f63abac9c37c94cb55e4810c00c15
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4188698fdcdc7d0923a300b01f241dde946e28b683c0a9e02ead2cedb064fee
a6592345af021110d0d9917703da9cb64ef16b7262ca7980a0b75d93413f18e9
a7c4a087ac16214e67b4d06ff7f3b2fd7688b5441676a9e693e5fc79b0da582e
aee060c1ecbf5659dc910b28a1b5e1e350c81c5dcf326428d81d10b23ea5382d
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b61423366f631dccc2155d387a06ff7c3894d235b3054659b41a095f093e8b55
bad297f747b5402153242013e0f7b7d6857e1bbf997b8b785d18447f6a173d43
bf222d391a3e48d83679ab92452773c1183d81dab59bb2a1e161259d0872c105
c2ddcee8d4032bb1da14fecd1d3cffde5ca72afa2e72b8665ede52d7fd569954
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c63d9709ed33ef26efdf0963fd0bed73318d9f8107a900ca1ce3698be8529e4d
c69471ac0da24eb182df70d5e885d36e6912e14efa95a1721e65c2bfa94be712
cd4925c501912913ce27240158c0353687fbab69877aab05f38a96410a28208c
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
ce996d87090081b095f9957984661db372065e7ec4c937fcbc1124d9546a52c6
cefbd68255cfb66378b868e6bf1904a798361d72a870d2d420f760f286c24e1e
d111c37a72fcb3fbfbb6fedeaa7ac5298f0cd7b1f0b89bfcc182e5d69289d199
d87fb068465b0ac485dd7109f5bb5e39cd74b6653681cc6212d3015025c4a7e0
d916ba6c2c7a2ef02da3b9ce161a3be774912417354fc7fe33af480a8fecbb8d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df5060f6254d6f5ca6a49f1d05339772ad3401412d238a0d9d258b3f7df35421
e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36
e2b5671acbca6793df6eac5b249000ad794b66b41b94b05cafd188b44d3b8e03
e39e316883e41826bcd4b8aaac5b8d6bf5356b958cd5d292b869bf727b87ebda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49829a279f4c64c6fe65ddf89956943bea2cb6957f3ef510b2ab13b2d77f4be
e92c1c99f4eb4964fd77bc9bd3e7e116391389a9247ea045c398d9176120d28d
eabda505fc8e9fd5f5ef0330e147a9dbedfc7338553ec998e38098afa13bb4be
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f98db23e824e7b5a4eea38328acf1d224a9c56ad48878634e122fc597952b9bb
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fd093e9b0608d6c7f56f32ead8e0fafe244622696db732e8b821e43336fc1ff6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff3b98aecdafe491af596221294c26e3ce24c9a3f0bacc043c27bdf8916ba8c5

www.geico.com Open in urlscan Pro 104.111.245.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

100 %HTTPS

0 %IPv6

22 Domains

31 Subdomains

30 IPs

6 Countries

1051 kBTransfer

3634 kBSize

35 Cookies

32 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.geico.com Open in urlscan Pro
104.111.245.152 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

31
Subdomains

30
IPs

6
Countries

1051 kB
Transfer

3634 kB
Size

35
Cookies

108 HTTP transactions
1 data transactions