urlscan.io logo urlscan.io
SecurityTrails logo

auto1.insurancespecialists.com Open in urlscan Pro
13.226.159.63  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://track.whatayasaywedo.com/?xtl=9844k1skylkjlhpzvg8ybl8c45zru9voc88octyeuw0n72df52nrodp8ai2sf77mbiqa1dcv0uennlacotjyo3jekil...
Effective URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&...
Submission Tags: falconsandbox
Submission: On April 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 21 domains to perform 58 HTTP transactions. The main IP is 13.226.159.63, located in United States and belongs to AMAZON-02, US. The main domain is auto1.insurancespecialists.com.
TLS certificate: Issued by Amazon on July 17th 2020. Valid for: a year.
This is the only time auto1.insurancespecialists.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.195.209.248 14618 (AMAZON-AES)
2 13.226.159.63 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 34.96.102.137 15169 (GOOGLE)
1 35.201.112.186 15169 (GOOGLE)
4 195.201.242.21 24940 (HETZNER-AS)
1 35.186.194.58 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1288:80:... 203220 (YAHOO-DEB)
1 199.232.137.44 54113 (FASTLY)
3 44.227.143.1 16509 (AMAZON-02)
6 52.204.59.90 14618 (AMAZON-AES)
1 52.219.112.64 16509 (AMAZON-02)
2 184.30.212.44 20940 (AKAMAI-ASN1)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.156.2 16509 (AMAZON-02)
1 3.227.129.168 14618 (AMAZON-AES)
58 23
1    34.195.209.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-209-248.compute-1.amazonaws.com
track.whatayasaywedo.com
2    13.226.159.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-63.dus51.r.cloudfront.net
auto1.insurancespecialists.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
4    195.201.242.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.242.201.195.clients.your-server.de
servedbyadbutler.com
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
1    2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
3    44.227.143.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
suited45trk.com
6    52.204.59.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-59-90.compute-1.amazonaws.com
create.leadid.com
1    52.219.112.64 (San Jose, United States)

ASN16509 (AMAZON-02, US)
s3-us-west-1.amazonaws.com
2    184.30.212.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.nextinsure.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    13.226.156.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-2.dus51.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    3.227.129.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-129-168.compute-1.amazonaws.com
deviceid.trueleadid.com
Domain Requested by
7 www.google.de auto1.insurancespecialists.com
7 www.google.com 1 redirects auto1.insurancespecialists.com
7 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
7 dev.visualwebsiteoptimizer.com auto1.insurancespecialists.com
dev.visualwebsiteoptimizer.com
6 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
4 servedbyadbutler.com auto1.insurancespecialists.com
3 suited45trk.com auto1.insurancespecialists.com
servedbyadbutler.com
ajax.googleapis.com
3 s.yimg.com auto1.insurancespecialists.com
s.yimg.com
2 www.nextinsure.com servedbyadbutler.com
auto1.insurancespecialists.com
2 bat.bing.com auto1.insurancespecialists.com
2 auto1.insurancespecialists.com auto1.insurancespecialists.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 s3-us-west-1.amazonaws.com servedbyadbutler.com
1 cdn.taboola.com auto1.insurancespecialists.com
1 create.lidstatic.com auto1.insurancespecialists.com
1 www.googleadservices.com www.googletagmanager.com
1 rs.fullstory.com edge.fullstory.com
1 edge.fullstory.com auto1.insurancespecialists.com
1 www.googletagmanager.com auto1.insurancespecialists.com
1 ajax.googleapis.com auto1.insurancespecialists.com
1 track.whatayasaywedo.com 1 redirects
58 22

This site contains no links.

Subject Issuer Validity Valid
insurancespecialists.com
Amazon		 2020-07-17 -
2021-08-17		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
edge.fullstory.com
GTS CA 1D2		 2021-02-23 -
2021-05-24		 3 months crt.sh
adbutler.io
Sectigo RSA Domain Validation Secure Server CA		 2021-03-25 -
2021-08-01		 4 months crt.sh
*.fullstory.com
R3		 2021-03-29 -
2021-06-27		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2020-05-31 -
2021-05-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-24 -
2021-05-12		 2 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.suited45trk.com
AlphaSSL CA - SHA256 - G2		 2021-03-04 -
2022-04-05		 a year crt.sh
create.leadid.com
Amazon		 2020-05-22 -
2021-06-22		 a year crt.sh
*.s3-us-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-07-30 -
2021-08-04		 a year crt.sh
www.quinstreet.com
GeoTrust RSA CA 2018		 2021-03-16 -
2021-11-11		 8 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2021-02-06 -
2022-03-07		 a year crt.sh

This page contains 3 frames:

Primary Page: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Frame ID: 89427A0D36B71F5F799179FB382EE226
Requests: 55 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=73C436AA-152F-80DF-7986-17D234B3329F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Frame ID: 8DF756CF8C6C65C452B5ED7CE481479C
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=73C436AA-152F-80DF-7986-17D234B3329F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Frame ID: 67B86D23F34D7E5692F9B7F34EA228B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://track.whatayasaywedo.com/?xtl=9844k1skylkjlhpzvg8ybl8c45zru9voc88octyeuw0n72df52nrodp8ai2sf77mbiqa1dc... HTTP 302
    https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&Curren... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

58
Requests

100 %
HTTPS

42 %
IPv6

21
Domains

22
Subdomains

23
IPs

3
Countries

530 kB
Transfer

1656 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://track.whatayasaywedo.com/?xtl=9844k1skylkjlhpzvg8ybl8c45zru9voc88octyeuw0n72df52nrodp8ai2sf77mbiqa1dcv0uennlacotjyo3jekil23bwffiezx50lqxwmws5j1mvn1khzcqth776assl5i46l65xi07o5ja53f9ipbnzw1lrv71g43hxvwop3lky88mde1irue8wl7r8x0mfo7ebm79wzmxwapcekect5m3flrxfosayu5oxqv1sq2l4aveahgyfmql0d7j98m8cgl7kfbflpnwqpfz2avfgw5tlnfhlu5hd2dsa3xkpkuiai8r0u48g7w2v2ac5pfy86omnflx59g1orpqhsbz1u3gcjbhpbca819on43dw6tzz0ln117nn9k6ac8sq5btwf09rnlycvyu4ovzmyikv9sez1b4x8dtyat264hcpenqqdmaz2kc5zzbdwjj85ow43aysxiqoy00lwjpfpm2fan5vc6njhqu4rpeiha8dnn7b3r3ibxtvthnd9w1vk0dr3yv71hika47lq326vp4obicuwflav5buc29w45y94qyjge7co6r0my4twmzkir7aclts6gxke37u394yo80bpltvc5vr6cclvow9k39zsphngfas1gg0tmb80wbvi38yd32q51leibznqbvvfax87e4veaw7rnvf5gghwnqt7tyosxpg3pvl73oiu4qk7sure1q6ncr5w1jm04rhledtilta3h5u8vljqowctksw850e36n3nob0gcmw5wtmvyimo202z6xwxvzpzxyjw7z0d270qxh5fwtjkdzzqumcqmwh89ui0ry3ufywoccvjt34lpg6ar0iygj48pf6032r9y1ul7ce7ycl44un69fast4oej5r6wwg01q6aafyzvh6c354j5c2ywv1sar00kvptutzm7cla0a8szxlxgm54snhhr1pn2o3tufa3zhcpexsltjer8qje998nvcg647fjic1xanwz0h94djr&eih=2re84zjfzzov0yyws6z5rk554mh0cqh7yt&Accident&CurrentlyInsured&Gender&LicenseStatus&OwnedLeasedOrFinanced&Violation&VehiclePrimaryUse&City=NORTHFIELD&CreditRating=Good&FirstName=Mimi&LastName=Rosas&Address=1%2BNorth%2BCollege%2BStreet&email=mderosas%40carleton.edu&PhoneSecondary&ZipCode=55057&SiteVertical HTTP 302
    https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701378055/?random=1617295960174&cv=9&fst=1617295960174&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/701378055/?random=1617295960174&cv=9&fst=1617292800000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&is_vtc=1&random=686707790&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/701378055/?random=1617295960174&cv=9&fst=1617292800000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&is_vtc=1&random=686707790&resp=GooglemKTybQhCsO&ipr=y

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
auto1.insurancespecialists.com/
Redirect Chain
  • http://track.whatayasaywedo.com/?xtl=9844k1skylkjlhpzvg8ybl8c45zru9voc88octyeuw0n72df52nrodp8ai2sf77mbiqa1dcv0uennlacotjyo3jekil23bwffiezx50lqxwmws5j1mvn1khzcqth776assl5i46l65xi07o5ja53f9ipbnzw1lrv...
  • https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimar...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f63127fd7d6e91d097b76dfe73ece639871162d2f2e6ad7584968dad3dfd70cf

Request headers

:method
GET
:authority
auto1.insurancespecialists.com
:scheme
https
:path
/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
date
Wed, 31 Mar 2021 19:51:58 GMT
last-modified
Wed, 31 Mar 2021 19:31:59 GMT
etag
W/"3d3b2ed7a24b0b51e86a509ddb4923da"
x-amz-version-id
null
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
MA1UkQYb8oqq4pl27GfyINsQUtsebMU9idS7QP6Vjuscm8NF0wpwpQ==
age
75641

Redirect headers

Date
Thu, 01 Apr 2021 16:52:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
X-Powered-By
PHP/5.5.38
Location
https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
X-Permitted-Cross-Domain-Policies
None
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block;
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 09:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200273
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Mar 2022 09:14:46 GMT
scripts.js
auto1.insurancespecialists.com/ 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auto1.insurancespecialists.com/scripts.js
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-63.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2681b47cefb40a11e08f129796c460003d5902de01a240afa29a6a4ebe8ecd3

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 19:51:59 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 19:31:58 GMT
server
AmazonS3
age
75641
etag
W/"a721168fe5ccc94ab35ca70cfb066f16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
m7uDD5lkeFYXnvwI0aQySWtyTN6rpxxZB1UmqYqEKMb4qntMbUHVxg==
gtm.js
www.googletagmanager.com/ 		541 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6551672b0295d7d353d0d0fddea5abfe8d277fce2910f0316b2d234da2815ba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59328
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Apr 2021 16:52:40 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&f=1&r=0.36868964290216955
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
2234c3f8fcfb3fa425afd656209d64818bb4391a7468b89935c903e2748072bc

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 16:52:39 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
fs.js
edge.fullstory.com/s/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
afbaa3166010149c269df3dbeb50dea7acc9238b16d3d0e91dc4a03452cdcabc

Request headers

Origin
https://auto1.insurancespecialists.com
Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 15:56:17 GMT
content-encoding
gzip
age
3382
x-guploader-uploadid
ABg5-UyY7Lcf9o3_NAx7IwWimyhFgG1WkI_fcqgXzWFvn-AGTPpPuVq9WqplRys_QIkKVx7UffuXeNNjqaLmiEwSY_M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
60771
last-modified
Tue, 30 Mar 2021 16:10:39 GMT
server
UploadServer
etag
"e7c688c393a69b3e60d73dcc27d1f7c6"
x-goog-hash
crc32c=5WbjIg==, md5=58aIw5Ommz5g1z3MJ9H3xg==
x-goog-generation
1617120638955903
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
60771
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 01 Apr 2021 16:56:17 GMT
;ID=169214;size=0x0;setID=347308;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedbyadbutler.com/adserve/;ID=169214;size=0x0;setID=347308;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.242.201.195.clients.your-server.de
Software
nginx /
Resource Hash
061761288a7a1b47f9b972f5ee2c6429f0f15a596b1afa4098dc20af895788e1

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
va-9d6ac57dbcbba3321dd904e6ee78b647.js
dev.visualwebsiteoptimizer.com/7.0/ 		210 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&f=1&r=0.36868964290216955
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
484377f9c2780042a9bea283c5d788268e0a6bbb9e2618cd4731de11a7240571

Request headers

Origin
https://auto1.insurancespecialists.com
Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:39 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 11:30:18 GMT
server
gams1
etag
"6065aeca-ef3c"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61244
via
1.1 google
track-9d6ac57dbcbba3321dd904e6ee78b647.js
dev.visualwebsiteoptimizer.com/7.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&f=1&r=0.36868964290216955
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
fa4b83d4352e659c275d4545f59c06dec8dd6f06f177fa16ab7614480eea6816

Request headers

Origin
https://auto1.insurancespecialists.com
Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:39 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 11:30:18 GMT
server
gams1
etag
"6065aeca-dd9"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3545
via
1.1 google
opa-5ad3a568fb608b1d8d6d9257ee8062c4.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		93 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-5ad3a568fb608b1d8d6d9257ee8062c4.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&f=1&r=0.36868964290216955
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
d466418d4c7182eb70a73da834678c1c36ce029f68658c19abddedc305a2d0dc

Request headers

Origin
https://auto1.insurancespecialists.com
Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
br
last-modified
Tue, 30 Mar 2021 10:32:33 GMT
server
gams1
etag
"6062fe41-5ff9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24569
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=364281&d=auto1.insurancespecialists.com&u=D2DA3E7E227F36C5E37B036FE7F4CB952&h=cb8f01f7578d8262de34dfb1fca712f4&t=false&r=0.4475160163264176
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
page
rs.fullstory.com/rec/ 		61 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1129b8ec6a9a88644d5daf07635557a18602710c783d8b701da18c374fe88894
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://auto1.insurancespecialists.com
access-control-allow-credentials
true
alt-svc
clear
content-length
61
conversion_async.js
www.googleadservices.com/pagead/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
29d92ac472601822dcce42088f2554ba36e11287d5db9e199a3b7646ad89eeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13738
x-xss-protection
0
server
cafe
etag
7361881915483951561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 16:52:40 GMT
f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34144024c3759ba1b591d06af421399bbd339c567558347b08c9419cfea41bfe

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
151
x-amz-replication-status
COMPLETED
x-amz-request-id
GWWM1QQVX6SP4D5F
x-amz-id-2
T41hcv7gwz7kUtF4s2bVqa/OF0R8Qwlx8MnTSt6hBF4J/ktHAZQHieZajTcR6ctcK5WJJYBNae0=
last-modified
Wed, 31 Mar 2021 15:04:31 GMT
server
cloudflare
etag
W/"149ea4613f141881a75957fd4228f47a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-version-id
AqhCNYY3qDds6wf08ysIY8oMVOINS7ME
cf-request-id
092ff3002100004e7f5ca18000000001
cf-ray
6393544698b44e7f-FRA
bat.js
bat.bing.com/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:39 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref
Ref A: 89D94215EB1B4FF9B6F69521D635A3D5 Ref B: FRAEDGE1313 Ref C: 2021-04-01T16:52:40Z
etag
"804e75f6fd11d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8562
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Apr 2021 16:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1034
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5581
x-amz-id-2
E5CwHeVXOijKhxH2zRLIXBmBWtNSub1eBWnFgjbbAdsUZzUirqmZcHVkwrbwHT11E01szkePAyU=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
NNZGX6Y17SEZNTYS
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges
bytes
content-type
application/javascript
tfa.js
cdn.taboola.com/libtrc/unip/1221287/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1221287/tfa.js
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfc1ba4f78fd4d506d882af460566f540abe371e103782a23f9bceeb7667d745

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eJSv8Fqu80_vFp9_mMzcVaZUlNCz_LsK
content-encoding
gzip
etag
"3bbbc73bd8e93a144a24661f3e4cbd2f"
age
151
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
22001
x-amz-id-2
sHVw3sg/zIGZd2gRjNWwDpbYSWR1MnlhG2cJxX6VyZVPhNcpkiw/ASHsrz5ZOMTmFBVzhSGWCIM=
x-served-by
cache-hhn11583-HHN
last-modified
Tue, 09 Mar 2021 16:35:04 GMT
server
AmazonS3
x-timer
S1617295960.133988,VS0,VE1
date
Thu, 01 Apr 2021 16:52:40 GMT
vary
Accept-Encoding
x-amz-request-id
EHHFN608A9KK4195
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
96
x-cache-hits
1
i.ashx
suited45trk.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://suited45trk.com/i.ashx?E=ioRbPaO96RS0N%2bWN9CpF0oGv1HWZG%2fpN&s1=SUB_ID
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.227.143.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Ckt
c1ivkm0npmrao4mrnb40
X-Ray
c1ivkm0npmrao4mrnb2g
Date
Thu, 01 Apr 2021 16:52:40 GMT
Content-Length
0
;ID=169214;size=0x0;setID=347309;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedbyadbutler.com/adserve/;ID=169214;size=0x0;setID=347309;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.242.201.195.clients.your-server.de
Software
nginx /
Resource Hash
0971eed7b4a01f76272d9fd3b632dab3e6b7b85f95d2ec28c51fe1c9f7ca3c46

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
10004409.json
s.yimg.com/wi/config/ 		2 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10004409.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
D33ZHHE8N9SQ8NEM
x-amz-id-2
0QgfhFCeM8qShe+tliDWJb9M6Q5OwatxGdmRuVFOLGw96n9Ac66xJg0H5Yw6OGIkSmy7A92GFiQ=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
10062478.json
s.yimg.com/wi/config/ 		2 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10062478.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
D33R1447ZMBF6TXP
x-amz-id-2
ePSxA/u1oPwE6jemYd0qpyMCYzQw6bwdu4UvAaV/oyU5mLNsTKL8TH1hdijhsiuyrzP+68/Aww0=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
settings.js
dev.visualwebsiteoptimizer.com/ 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=364281&settings_type=1&vn=7.0&r=0.9362362564519315&exc=3|4
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
88ebfe953d636a14102b8f695ada9eda9c5c0996d1e7bc7a04ef7938140f7e4b

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
GenerateToken
create.leadid.com/2.7.0/ 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=5d307bd3-aa1c-4ab6-8f36-6902058226b6&_=190088281
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.59.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-59-90.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
7a6052c45a867da0b002e37cfc4c04c4b86507e0785cd05ec0586b78ffec8eef

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
offers.js
s3-us-west-1.amazonaws.com/offers.printfingertech.net/js/ 		158 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-1.amazonaws.com/offers.printfingertech.net/js/offers.js
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=169214;size=0x0;setID=347309;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.112.64 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d58720202966ba0c8e2ee1994a9b9f9f488bb0e359b55865301a646cd8e2346

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 01 Apr 2021 16:52:41 GMT
Last-Modified
Tue, 30 Mar 2021 21:06:31 GMT
Server
AmazonS3
x-amz-request-id
D33XNBWV33SPTCDP
ETag
"c453a8bccee3d39b26a83ddb38ef4e7b"
Content-Type
application/javascript
x-amz-version-id
Wc5ViET90lGkP0_WIRMR7xfW5jdod9vh
Accept-Ranges
bytes
Content-Length
162225
x-amz-id-2
9a+SsoHr3xBTSidxrAHTwOM/h5k0Kn8xPUHhfaVMNMbIZykKQWY4qYPNdOOsRFbeRIqhR40cgAM=
i.ashx
suited45trk.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://suited45trk.com/i.ashx?E=P03X8BUPhQ12TRsBimkJS%2bcV2pp1jy6g&s1=SUB_ID
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=169214;size=0x0;setID=347309;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.227.143.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Ckt
c1ivkm5u63osadoeq5c0
X-Ray
c1ivkm5u63osadoeq5ag
Date
Thu, 01 Apr 2021 16:52:40 GMT
Content-Length
0
sh
www.nextinsure.com/listingdisplay/loader/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nextinsure.com/listingdisplay/loader/sh
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=169214;size=0x0;setID=347309;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/704931280/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/704931280/?random=1617295960170&cv=9&fst=1617295960170&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
703d9899d7c236c069883617ccb0567e8a343320520b3ba955dd534d730874b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/475301821/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475301821/?random=1617295960173&cv=9&fst=1617295960173&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae708975bdc69bd579055bbba880ee4ab557bdcbc65dbeae591e6cf3c2f56f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/709015113/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709015113/?random=1617295960174&cv=9&fst=1617295960174&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79e737ad60e3647d512c2162eccd3d1bf4652f891acf0a5330919b148855cf73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/701378055/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701378055/?random=1617295960174&cv=9&fst=1617295960174&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_...
  • https://www.google.com/pagead/1p-user-list/701378055/?random=1617295960174&cv=9&fst=1617292800000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u...
  • https://www.google.de/pagead/1p-user-list/701378055/?random=1617295960174&cv=9&fst=1617292800000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_...
42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/701378055/?random=1617295960174&cv=9&fst=1617292800000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&is_vtc=1&random=686707790&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/701378055/?random=1617295960174&cv=9&fst=1617292800000&num=1&fmt=3&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&is_vtc=1&random=686707790&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/860860373/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860860373/?random=1617295960175&cv=9&fst=1617295960175&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f8f5ada1c3f38b4e51a7e5ad8755aa53c292b5f23196b431b57d7b96764c106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/712220025/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712220025/?random=1617295960175&cv=9&fst=1617295960175&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea1eb6453aeb19fb6dfeabbaa6aefb3aebf4897cdd031f3ea01083bf78682f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782166578/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782166578/?random=1617295960176&cv=9&fst=1617295960176&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71b1ac9a80fed6d2e438879488cfa57cdd1ed5613e31e11f034586d35fd5b1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-5ad3a568fb608b1d8d6d9257ee8062c4.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:39 GMT
content-encoding
br
last-modified
Mon, 16 Mar 2020 04:39:53 GMT
server
gams1
etag
"5e6f0319-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
/
www.google.com/pagead/1p-user-list/704931280/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/704931280/?random=1617295960170&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=2275978127&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/704931280/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/704931280/?random=1617295960170&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=2275978127&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/475301821/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/475301821/?random=1617295960173&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=337609037&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/475301821/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/475301821/?random=1617295960173&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=337609037&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/709015113/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/709015113/?random=1617295960174&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=4193121655&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/709015113/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/709015113/?random=1617295960174&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=4193121655&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/712220025/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/712220025/?random=1617295960175&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=1973764689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/712220025/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/712220025/?random=1617295960175&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=1973764689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/860860373/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/860860373/?random=1617295960175&cv=9&fst=1617292800000&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=4155872065&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/860860373/ 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/860860373/?random=1617295960175&cv=9&fst=1617292800000&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=4155872065&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782166578/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782166578/?random=1617295960176&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=961885339&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782166578/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782166578/?random=1617295960176&cv=9&fst=1617292800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&tiba=Thank%20You&async=1&fmt=3&is_vtc=1&random=961885339&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 8DF7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=73C436AA-152F-80DF-7986-17D234B3329F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-2.dus51.r.cloudfront.net
Software
nginx/1.17.6 /
Resource Hash
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host
d2m2wsoho8qq12.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://auto1.insurancespecialists.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://auto1.insurancespecialists.com/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Thu, 01 Apr 2021 05:54:05 GMT
Server
nginx/1.17.6
Last-Modified
Wed, 31 Mar 2021 12:29:15 GMT
ETag
W/"60646b1b-da5"
P3P
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding
gzip
X-Cache
Hit from cloudfront
Via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
bXy_rzox89lOvyIkFzKvQ6YKOHdzZkeaUcb0FeOXcEWgDKFNFyxDgA==
Age
39515
SaveDom
create.leadid.com/2.7.0/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=5d307bd3-aa1c-4ab6-8f36-6902058226b6&token=73C436AA-152F-80DF-7986-17D234B3329F&_=190088282
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.59.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-59-90.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 67B8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=73C436AA-152F-80DF-7986-17D234B3329F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=73C436AA-152F-80DF-7986-17D234B3329F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.129.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-129-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3dd1fa07e4802c23e53915d6e8a450445a9c50efcada797976b64eff77fbb6bd

Request headers

Host
deviceid.trueleadid.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://d2m2wsoho8qq12.cloudfront.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d2m2wsoho8qq12.cloudfront.net/

Response headers

Cache-Control
max-age=86400 public
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 01 Apr 2021 16:52:41 GMT
ETag
W/"5edf9bec-104a"
Expires
Fri, 02 Apr 2021 16:52:41 GMT
Last-Modified
Tue, 09 Jun 2020 14:25:48 GMT
P3P
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server
nginx
Content-Length
1736
Connection
keep-alive
Snap
create.leadid.com/2.7.0/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.7.0/Snap?msn=3&pid=5d307bd3-aa1c-4ab6-8f36-6902058226b6&token=73C436AA-152F-80DF-7986-17D234B3329F&_=190088283
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.59.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-59-90.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Apr 2021 16:52:40 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.7.0/ Frame 67B8 		0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.7.0/SaveDeviceId.js?lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&methods=16&token=73C436AA-152F-80DF-7986-17D234B3329F&uuid=27c8a390a2ee49f4bc86d0486d13e2c1
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=73C436AA-152F-80DF-7986-17D234B3329F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.59.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-59-90.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:41 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
sh
www.nextinsure.com/listingdisplay/loader/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nextinsure.com/listingdisplay/loader/sh
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
;ID=169214;size=0x0;setID=347310;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/ 		96 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servedbyadbutler.com/adserve/;ID=169214;size=0x0;setID=347310;type=js;sw=1600;sh=1200;spr=1;kw=;pid=2644866;place=0;rnd=2644866;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.242.201.195.clients.your-server.de
Software
nginx /
Resource Hash
7c7a26f51bbfcf7102b9957c3aef210088491784c13cf30e848be4ed3484e3f5

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:52:41 GMT
server
nginx
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/x-javascript
expires
Mon, 26 Jul 1997 05:00:00 GMT
blank.gif
servedbyadbutler.com/error/ 		42 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedbyadbutler.com/error/blank.gif
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.242.201.195.clients.your-server.de
Software
nginx /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:52:41 GMT
last-modified
Thu, 24 Oct 2019 18:48:41 GMT
server
nginx
etag
"5db1f209-2a"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42
expires
Fri, 01 Apr 2022 16:52:41 GMT
/
suited45trk.com/ 		122 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://suited45trk.com/?cp=js&o=2710&a=1479&s1=130446&s2=9030178&s3=&s4=&s5=&c=13455&cpid=26745&p=&_=1617295959938
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
44.227.143.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3c616f34f6c10869614e20f1569115afd07a4ff8d2ab7518425bad14b406c2e4

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 16:52:41 GMT
Cache-Control
private
Content-Type
text/javascript; charset=utf-8
Content-Length
122
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
0
bat.bing.com/action/ 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56315087&Ver=2&mid=7133cfaf-cefb-4a77-b047-756faef95aea&sid=ac5efd00930a11eba97a91d45740d235&vid=ac5f15e0930a11eb889d4176e1c5fa75&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Thank%20You&p=https%3A%2F%2Fauto1.insurancespecialists.com%2F%3Fo%3D2710%26a%3D1479%26c%3D13455%26cpid%3D26745%26s1%3D130446%26ts%3Dauto1-130446%26Accident%3D%26CurrentlyInsured%3D%26Gender%3D%26LicenseStatus%3D%26OwnedLeasedOrFinanced%3D%26Violation%3D%26VehiclePrimaryUse%3D%26YearHomeBuilt%3D%26city%3DNORTHFIELD%26credit_rating%3DGood%26bcrlb%3D2%26first_name%3DMimi%26last_name%3DRosas%26address%3D1%252BNorth%252BCollege%252BStreet%26email%3Dmderosas%40carleton.edu%26phone_primary%3D%26credit%3DGood%26zipcode%3D55057%26s2%3D9030178%26s3%3D&r=&lt=2139&evt=pageLoad&msclkid=N&sv=1&rn=656417
Requested by
Host: auto1.insurancespecialists.com
URL: https://auto1.insurancespecialists.com/?o=2710&a=1479&c=13455&cpid=26745&s1=130446&ts=auto1-130446&Accident=&CurrentlyInsured=&Gender=&LicenseStatus=&OwnedLeasedOrFinanced=&Violation=&VehiclePrimaryUse=&YearHomeBuilt=&city=NORTHFIELD&credit_rating=Good&bcrlb=2&first_name=Mimi&last_name=Rosas&address=1%2BNorth%2BCollege%2BStreet&email=mderosas@carleton.edu&phone_primary=&credit=Good&zipcode=55057&s2=9030178&s3=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 01 Apr 2021 16:52:40 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 88DCCD6383384B2293F51FDBABD8474F Ref B: FRAEDGE1313 Ref C: 2021-04-01T16:52:41Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
Snap
create.leadid.com/2.7.0/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.7.0/Snap?msn=4&pid=5d307bd3-aa1c-4ab6-8f36-6902058226b6&token=73C436AA-152F-80DF-7986-17D234B3329F&_=190088284
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.59.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-59-90.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Apr 2021 16:52:41 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.7.0/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.7.0/Snap?msn=5&pid=5d307bd3-aa1c-4ab6-8f36-6902058226b6&token=73C436AA-152F-80DF-7986-17D234B3329F&_=190088285
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.59.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-59-90.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auto1.insurancespecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Apr 2021 16:52:42 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| scData number| settings_timer number| _vwo_settings_timer object| _vwo_code boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS number| rnd number| pid347308 number| plc347308 string| abkw string| absrc number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb string| _fs_loaded function| _fs_shutdown object| google_tag_manager object| google_tag_data object| uetq object| dotq object| _tfa number| pid347309 number| plc347309 object| YAHOO function| UET function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| LeadiDconfig object| LeadiD function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| __nls number| ___vwo object| defaultStyleFrame object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| trackConversion function| arrayToQuery function| getQueryParameter function| isCapturedDataAvailable function| isPrepopDataAvailable function| capturedData function| getGlobalQueryParameters function| goToUrl function| appendQueryToUrl function| openUrlWithFormData function| openUrl function| showLoadingMessage function| createUUID function| toUrlEncoded function| getData function| compressData function| expandData function| resizeIframes function| closest function| getUsersAge function| getAffiliateID function| getTrafficSource function| findInsuranceCarrier function| isCurrentlyInsured function| getVehicleCount function| translateHomeowner function| translateMaritalStatus function| translateSR22 function| translateCreditRating function| isInZipExclusionList function| requireSR22 function| getAge function| getBirthYear function| hadLicenseLT3Years function| isUnder21 function| hasPriors function| isVehicleOlderThan2004 function| translateTransparentlyCreditScore function| translateUsersAge function| translateAnnualMileage function| translateCurrentInsuranceProvider function| translateCurrentlyInsured function| translateGender function| translateLicenseStatus function| translatePrimaryPurpose function| translateTargetCoverage function| translateVehicleCount function| translateVehicleOwnershipType function| translateEducation function| translateOccupation function| translateAgeofHome function| translateHomeType function| translatePropertyType function| translateInterestRate function| translateOwnOrRent function| translateLoanType function| translateMilitaryService function| translatePropertyValues function| c2cTranslateCurrentlyInsured function| c2cTranslateSR22 function| c2cTranslateGender function| c2cTranslateHomeowner function| c2cTranslateMaritalStatus function| c2cTranslateLicenseStatus function| transparentlyPolicyAmount function| phoneMask function| getTransparentlyAd function| transparentlyAd function| transparentlyAutoBidParams function| transparentlyAutoData function| transparentlyHomeData function| transparentlyLifeData function| transparentlyMedData function| transparentlyMortgageData function| clicks2ConvertHealthObj function| getOwnRentValue function| rmpMediaAlphaData object| hsh object| qsConfig object| scClicksNet object| scQuoteWizard object| bbm string| ni_ad_client number| ni_res_id string| ni_alt_url string| ni_zc string| ni_var1 number| ni_display_width number| ni_display_height number| pid347310 number| plc347310 function| getParameterByName function| getCakeURLParams function| getCakeOrganic function| shouldReOrder boolean| ckm_cp number| ckm_request_id

12 Cookies

Domain/Path Name / Value
.insurancespecialists.com/ Name: _uetvid
Value: ac5f15e0930a11eb889d4176e1c5fa75
.insurancespecialists.com/ Name: _uetsid
Value: ac5efd00930a11eba97a91d45740d235
auto1.insurancespecialists.com/ Name: leadid_token-2B26B722-D668-EC71-D186-45FE6EC4DDE1-F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6
Value: 73C436AA-152F-80DF-7986-17D234B3329F
.insurancespecialists.com/ Name: _vwo_ssm
Value: 1
.insurancespecialists.com/ Name: _vwo_sn
Value: 0%3A1
.insurancespecialists.com/ Name: _vis_opt_s
Value: 1%7C
.insurancespecialists.com/ Name: _vwo_uuid
Value: D2DA3E7E227F36C5E37B036FE7F4CB952
.deviceid.trueleadid.com/ Name: uuid
Value: 27c8a390a2ee49f4bc86d0486d13e2c1
.auto1.insurancespecialists.com/ Name: _vwo_uuid_v2
Value: D2DA3E7E227F36C5E37B036FE7F4CB952|cb8f01f7578d8262de34dfb1fca712f4
.insurancespecialists.com/ Name: _vwo_ds
Value: 3%3Aa_0%2Ct_0%3A0%241617295959%3A6.04399987%3A%3A%3A4_0%2C3_0%3A0
.insurancespecialists.com/ Name: _vis_opt_test_cookie
Value: 1
.insurancespecialists.com/ Name: _gcl_au
Value: 1.1.54339040.1617295960

3 Console Messages

Source Level URL
Text
console-api log URL: https://auto1.insurancespecialists.com/scripts.js(Line 1)
Message:
https://suited45trk.com/?cp=js&o=2710&a=1479&s1=130446&s2=9030178&s3=&s4=&s5=&c=13455&cpid=26745&p=
console-api log (Line 1)
Message:
%c LeadiD.token = 73C436AA-152F-80DF-7986-17D234B3329F background: #FD5B78; color: #FFFFFF
console-api log URL: https://auto1.insurancespecialists.com/scripts.js(Line 1)
Message:
Cake Pixel Fired

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
auto1.insurancespecialists.com
bat.bing.com
cdn.taboola.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
dev.visualwebsiteoptimizer.com
deviceid.trueleadid.com
edge.fullstory.com
googleads.g.doubleclick.net
rs.fullstory.com
s.yimg.com
s3-us-west-1.amazonaws.com
servedbyadbutler.com
suited45trk.com
track.whatayasaywedo.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nextinsure.com
13.226.156.2
13.226.159.63
142.250.186.162
184.30.212.44
195.201.242.21
199.232.137.44
2606:4700:10::6816:26b6
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2004
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
3.227.129.168
34.195.209.248
34.96.102.137
35.186.194.58
35.201.112.186
44.227.143.1
52.204.59.90
52.219.112.64
061761288a7a1b47f9b972f5ee2c6429f0f15a596b1afa4098dc20af895788e1
0971eed7b4a01f76272d9fd3b632dab3e6b7b85f95d2ec28c51fe1c9f7ca3c46
1129b8ec6a9a88644d5daf07635557a18602710c783d8b701da18c374fe88894
2234c3f8fcfb3fa425afd656209d64818bb4391a7468b89935c903e2748072bc
29d92ac472601822dcce42088f2554ba36e11287d5db9e199a3b7646ad89eeb4
2f8f5ada1c3f38b4e51a7e5ad8755aa53c292b5f23196b431b57d7b96764c106
34144024c3759ba1b591d06af421399bbd339c567558347b08c9419cfea41bfe
3c616f34f6c10869614e20f1569115afd07a4ff8d2ab7518425bad14b406c2e4
3dd1fa07e4802c23e53915d6e8a450445a9c50efcada797976b64eff77fbb6bd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
484377f9c2780042a9bea283c5d788268e0a6bbb9e2618cd4731de11a7240571
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6551672b0295d7d353d0d0fddea5abfe8d277fce2910f0316b2d234da2815ba0
703d9899d7c236c069883617ccb0567e8a343320520b3ba955dd534d730874b8
71b1ac9a80fed6d2e438879488cfa57cdd1ed5613e31e11f034586d35fd5b1c0
79e737ad60e3647d512c2162eccd3d1bf4652f891acf0a5330919b148855cf73
7a6052c45a867da0b002e37cfc4c04c4b86507e0785cd05ec0586b78ffec8eef
7c7a26f51bbfcf7102b9957c3aef210088491784c13cf30e848be4ed3484e3f5
7d58720202966ba0c8e2ee1994a9b9f9f488bb0e359b55865301a646cd8e2346
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88ebfe953d636a14102b8f695ada9eda9c5c0996d1e7bc7a04ef7938140f7e4b
ae708975bdc69bd579055bbba880ee4ab557bdcbc65dbeae591e6cf3c2f56f7d
afbaa3166010149c269df3dbeb50dea7acc9238b16d3d0e91dc4a03452cdcabc
d2681b47cefb40a11e08f129796c460003d5902de01a240afa29a6a4ebe8ecd3
d466418d4c7182eb70a73da834678c1c36ce029f68658c19abddedc305a2d0dc
dfc1ba4f78fd4d506d882af460566f540abe371e103782a23f9bceeb7667d745
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea1eb6453aeb19fb6dfeabbaa6aefb3aebf4897cdd031f3ea01083bf78682f0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f63127fd7d6e91d097b76dfe73ece639871162d2f2e6ad7584968dad3dfd70cf
fa4b83d4352e659c275d4545f59c06dec8dd6f06f177fa16ab7614480eea6816