urlscan.io logo urlscan.io
SecurityTrails logo

carinsurance.net Open in urlscan Pro
13.224.189.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tracking.carinsurance.net/
Effective URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Submission Tags: falconsandbox
Submission: On September 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 8 countries across 40 domains to perform 125 HTTP transactions. The main IP is 13.224.189.127, located in United States and belongs to AMAZON-02, US. The main domain is carinsurance.net.
TLS certificate: Issued by Amazon on July 17th 2022. Valid for: a year.
This is the only time carinsurance.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.51.237.18 16509 (AMAZON-02)
3 5 13.224.189.127 16509 (AMAZON-02)
15 13.32.99.57 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.85.121 16509 (AMAZON-02)
3 18.66.97.47 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.218.152.80 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 5 34.197.244.247 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 5 2620:1ec:c11:... 8068 (MICROSOFT...)
9 151.101.2.133 54113 (FASTLY)
2 95.101.27.14 20940 (AKAMAI-ASN1)
4 2.22.89.169 20940 (AKAMAI-ASN1)
1 54.200.110.156 16509 (AMAZON-02)
2 151.101.1.44 54113 (FASTLY)
1 65.108.205.23 24940 (HETZNER-AS)
4 199.68.195.197 19626 (EVC-AS)
8 54.88.241.216 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.21.233.17 24940 (HETZNER-AS)
1 44.241.90.245 16509 (AMAZON-02)
1 3.124.40.150 16509 (AMAZON-02)
1 13.225.84.206 16509 (AMAZON-02)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 54.187.80.122 16509 (AMAZON-02)
1 54.85.58.125 14618 (AMAZON-AES)
1 35.244.174.68 15169 (GOOGLE)
1 1 104.96.159.57 16625 (AKAMAI-AS)
3 52.215.16.237 16509 (AMAZON-02)
1 13.225.78.28 16509 (AMAZON-02)
2 2 34.235.183.60 14618 (AMAZON-AES)
1 52.59.153.178 16509 (AMAZON-02)
1 2 52.46.151.131 16509 (AMAZON-02)
2 20.75.32.255 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
2 141.226.228.48 200478 (TABOOLA-AS)
2 34.102.145.72 15169 (GOOGLE)
125 48
1    52.51.237.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-237-18.eu-west-1.compute.amazonaws.com
tracking.carinsurance.net
5    13.224.189.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-127.fra2.r.cloudfront.net
www.carinsurance.net
carinsurance.net
15    13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net
cdn.assurance.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2600:9000:21f3:ea00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.ywxi.net
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.225.85.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-121.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
3    18.66.97.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-47.fra56.r.cloudfront.net
assets.assurance.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.218.152.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
5    34.197.244.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-244-247.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:9400:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
9    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
2    95.101.27.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-14.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
4    2.22.89.169 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-22-89-169.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    54.200.110.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-110-156.us-west-2.compute.amazonaws.com
ads.nextdoor.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    65.108.205.23 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.23.205.108.65.clients.your-server.de
ads.revjet.com
4    199.68.195.197 (Hamilton, Bermuda)

ASN19626 (EVC-AS, BM)
c1.ox-bio.com
8    54.88.241.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-241-216.compute-1.amazonaws.com
create.leadid.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    65.21.233.17 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.233.21.65.clients.your-server.de
pix.revjet.com
1    44.241.90.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-90-245.us-west-2.compute.amazonaws.com
www.trustedsite.com
1    3.124.40.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-40-150.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    13.225.84.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-206.fra2.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2    2620:1ec:27::cafe:1959 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    54.187.80.122 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-80-122.us-west-2.compute.amazonaws.com
flask.nextdoor.com
1    54.85.58.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-58-125.compute-1.amazonaws.com
deviceid.trueleadid.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    104.96.159.57 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    52.215.16.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    13.225.78.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net
sb.scorecardresearch.com
2    34.235.183.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-183-60.compute-1.amazonaws.com
usermatch.krxd.net
1    52.59.153.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-153-178.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    34.102.145.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.145.102.34.bc.googleusercontent.com
60ede17b9dc1b52ae71f0257.endpoint.csper.io
Apex Domain
Subdomains		 Transfer
18 assurance.com
cdn.assurance.com — Cisco Umbrella Rank: 476264
assets.assurance.com — Cisco Umbrella Rank: 589815
539 KB
14 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 2230
consumer.krxd.net — Cisco Umbrella Rank: 3034
beacon.krxd.net — Cisco Umbrella Rank: 741
usermatch.krxd.net — Cisco Umbrella Rank: 1847
181 KB
8 leadid.com
create.leadid.com — Cisco Umbrella Rank: 21650
5 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
411 KB
7 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 31191
cdn.trustedform.com — Cisco Umbrella Rank: 35916
42 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 19
41 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 787
b.clarity.ms — Cisco Umbrella Rank: 6740
c.clarity.ms — Cisco Umbrella Rank: 1178
26 KB
6 carinsurance.net
tracking.carinsurance.net
www.carinsurance.net
carinsurance.net
16 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 664
c.bing.com — Cisco Umbrella Rank: 408
13 KB
4 ox-bio.com
c1.ox-bio.com — Cisco Umbrella Rank: 567858
23 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1042
trc.taboola.com — Cisco Umbrella Rank: 918
trc-events.taboola.com — Cisco Umbrella Rank: 1865
20 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1027
90 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
84 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3469
629 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
3 KB
3 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2863
bs.serving-sys.com — Cisco Umbrella Rank: 1684
22 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
42 KB
2 csper.io
60ede17b9dc1b52ae71f0257.endpoint.csper.io — Cisco Umbrella Rank: 845710
218 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 415
2 KB
2 revjet.com
ads.revjet.com — Cisco Umbrella Rank: 4228
pix.revjet.com — Cisco Umbrella Rank: 5854
9 KB
2 nextdoor.com
ads.nextdoor.com — Cisco Umbrella Rank: 8597
flask.nextdoor.com — Cisco Umbrella Rank: 8143
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 amazonaws.com
s3-us-west-2.amazonaws.com
2 KB
2 ywxi.net
cdn.ywxi.net — Cisco Umbrella Rank: 15416
13 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
502 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
263 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 826
491 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 607
98 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 22960
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 trustedsite.com
www.trustedsite.com — Cisco Umbrella Rank: 24898
941 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
409 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 159
16 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 35843
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
74 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3567
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
1 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 ixiaa.com Failed
kr.ixiaa.com Failed
0 go2app.org Failed
media.go2app.org Failed
125 40
Domain Requested by
15 cdn.assurance.com carinsurance.net
cdn.trustedform.com
8 create.leadid.com www.datadoghq-browser-agent.com
deviceid.trueleadid.com
7 www.google.com carinsurance.net
www.gstatic.com
www.google.com
6 cdn.krxd.net carinsurance.net
cdn.krxd.net
5 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 c1.ox-bio.com www.googletagmanager.com
carinsurance.net
4 analytics.tiktok.com carinsurance.net
analytics.tiktok.com
4 bat.bing.com carinsurance.net
bat.bing.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 cdnjs.cloudflare.com carinsurance.net
cdnjs.cloudflare.com
4 carinsurance.net 2 redirects www.datadoghq-browser-agent.com
3 beacon.krxd.net carinsurance.net
cdn.krxd.net
3 consumer.krxd.net cdn.krxd.net
3 www.google.de carinsurance.net
3 connect.facebook.net carinsurance.net
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 assets.assurance.com carinsurance.net
2 60ede17b9dc1b52ae71f0257.endpoint.csper.io cdn.trustedform.com
2 trc-events.taboola.com www.datadoghq-browser-agent.com
2 c.clarity.ms 1 redirects
2 b.clarity.ms www.datadoghq-browser-agent.com
2 s.amazon-adsystem.com 1 redirects
2 usermatch.krxd.net 2 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 googleads.g.doubleclick.net www.googleadservices.com
2 secure-ds.serving-sys.com carinsurance.net
www.datadoghq-browser-agent.com
2 www.google-analytics.com www.googletagmanager.com
carinsurance.net
2 cdn.trustedform.com carinsurance.net
api.trustedform.com
2 s3-us-west-2.amazonaws.com cdn.ywxi.net
2 cdn.ywxi.net carinsurance.net
1 c.bing.com 1 redirects
1 aa.agkn.com carinsurance.net
1 sb.scorecardresearch.com carinsurance.net
1 stags.bluekai.com 1 redirects
1 idsync.rlcdn.com carinsurance.net
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 flask.nextdoor.com carinsurance.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 www.trustedsite.com cdn.ywxi.net
1 pix.revjet.com ads.revjet.com
1 www.facebook.com carinsurance.net
1 trc.taboola.com cdn.taboola.com
1 stats.g.doubleclick.net www.datadoghq-browser-agent.com
1 ads.revjet.com carinsurance.net
1 cdn.taboola.com carinsurance.net
1 ads.nextdoor.com carinsurance.net
1 www.googleadservices.com www.googletagmanager.com
1 create.lidstatic.com cdn.assurance.com
1 www.googletagmanager.com cdn.assurance.com
1 www.datadoghq-browser-agent.com carinsurance.net
1 fonts.googleapis.com carinsurance.net
1 www.carinsurance.net 1 redirects
1 tracking.carinsurance.net 1 redirects
0 global.ib-ibi.com Failed carinsurance.net
0 kr.ixiaa.com Failed carinsurance.net
0 media.go2app.org Failed www.googletagmanager.com
125 57

This site contains links to these domains. Also see Links.

Domain
www.prudential.com
assurance.com
policies.google.com
Subject Issuer Validity Valid
carinsurance.net
Amazon		 2022-07-17 -
2023-08-15		 a year crt.sh
*.assurance.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.ywxi.net
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2022-03-30 -
2023-03-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-21 -
2022-09-19		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
nextdoor.com
Amazon		 2022-05-05 -
2023-06-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.revjet.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-11		 a year crt.sh
ox-bio.com
QuoVadis Global SSL ICA G2		 2022-06-30 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
create.leadid.com
Amazon		 2021-10-22 -
2022-11-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.trustedsite.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh
*.endpoint.csper.io
Sectigo RSA Domain Validation Secure Server CA		 2021-12-08 -
2023-01-08		 a year crt.sh

This page contains 7 frames:

Primary Page: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Frame ID: AF4E6531FF775AC4B1EED3B3F193DD13
Requests: 100 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Frame ID: 64AAB46C50DD058F33F4FF0DCE27F7D2
Requests: 8 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: BE8C86235A697832E285558067FA042F
Requests: 11 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: 480DD5D6D5C21367DEC58C6ADDC51924
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: 587EC3B912A9EF6AD76C5A721C5BE831
Requests: 2 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 3906D436E563EFD83BE314237DD7DE7E
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/snapshot
Frame ID: 80D153F51AD82E78552237CC1AD75D5D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CarInsurance.net | Get a Quote

Page URL History Show full URLs

  1. http://tracking.carinsurance.net/ HTTP 302
    https://www.carinsurance.net/ HTTP 301
    https://carinsurance.net/ HTTP 301
    https://carinsurance.net/auto HTTP 302
    https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

125
Requests

94 %
HTTPS

34 %
IPv6

40
Domains

57
Subdomains

48
IPs

8
Countries

1770 kB
Transfer

4440 kB
Size

44
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tracking.carinsurance.net/ HTTP 302
    https://www.carinsurance.net/ HTTP 301
    https://carinsurance.net/ HTTP 301
    https://carinsurance.net/auto HTTP 302
    https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
Request Chain 90
  • https://stags.bluekai.com/site/26357?id=PExzEgmy&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DPExzEgmy%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=PExzEgmy&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 92
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PExzEgmy
Request Chain 93
  • https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PExzEgmy&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PExzEgmy&gdpr=0&dcc=t
Request Chain 104
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=C26F0D1CD50F486DAF6BD9D70A5FC630&RedC=c.clarity.ms&MXFR=1FF13656177264541E24244B13726AA0 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=C26F0D1CD50F486DAF6BD9D70A5FC630&MUID=36D6B858AF306C66147CAA45AE416D5D

125 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auto
carinsurance.net/
Redirect Chain
  • http://tracking.carinsurance.net/
  • https://www.carinsurance.net/
  • https://carinsurance.net/
  • https://carinsurance.net/auto?
  • https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
59 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-127.fra2.r.cloudfront.net
Software
/
Resource Hash
ef72b746c89c5f7ea09103e880059c4cd88b7045ec2a09bb658b569625f4115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

assur-appversion
1.0.711
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy-report-only
default-src 'self' *; img-src 'self' data: *; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-ancestors 'self' *.assurance.com; worker-src blob: *.assurance.com; report-uri https://60ede17b9dc1b52ae71f0257.endpoint.csper.io;
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 13:47:36 GMT
etag
W/"ef72b746c89c5f7ea09103e880059c4c"
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Origin
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-id
nJAZFQEXq_CI_FzawX34IWK9c0O6zpKdfWiylM9NojdIPn21Z2xbHg==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-request-id
f6f41b72-1005-4ee1-a847-40ba25123d53
x-runtime
0.139187
x-xss-protection
1; mode=block

Redirect headers

assur-appversion
1.0.711
cache-control
no-cache
content-encoding
gzip
content-security-policy-report-only
default-src 'self' *; img-src 'self' data: *; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-ancestors 'self' *.assurance.com; worker-src blob: *.assurance.com; report-uri https://60ede17b9dc1b52ae71f0257.endpoint.csper.io;
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 13:47:35 GMT
location
https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Origin
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-id
3KVNKVyLc3CUapUABX2ZImbsD8dtM4-kh-Hct_S4PPTLCLWbCpLP7Q==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-request-id
f7a620e2-3334-408b-ad57-a2b5e5048119
x-runtime
0.240972
x-xss-protection
1; mode=block
customer-40583abdeee4f23a2671f6c9f814587bfe218fb6fd82a2b190d954dc36b7cb7c.css
cdn.assurance.com/insurance/public/assets/ 		250 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer-40583abdeee4f23a2671f6c9f814587bfe218fb6fd82a2b190d954dc36b7cb7c.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
874c1974fbc90526cad17d7578ef78aa3801100d0a61198c3723097ed9de87ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:45:57 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 13:39:44 GMT
server
AmazonS3
age
159
etag
W/"fd46309720d90773775a0ed1dc540ba7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
i_lDPAgN4kyYmTa0wYoM7O5qCqYeKs_-UoPHzrIeirpfH4LnKZ8fbQ==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8878319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II5ct5TqkhdHNDHpvaD7XCc8L1ZrzcdFS6lHGRgROITwe%2FmZEaQzwNOZiScYEbbj0pvmBgj3dncEFU5jVql4mltkDnI8qQFSIdDTvQfi8kT2ES2U4Ki6bkUDlQzlLLr2f4Q8ShOlEJLh%2F%2FeWxBPd32yd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7499188febe6021d-ZRH
expires
Sat, 02 Sep 2023 13:47:36 GMT
utility-f7bb4f5bcc1b94a573b2556bcc5d55da20e91c40622bd57ab96ef504a03f98f5.js
cdn.assurance.com/insurance/public/assets/customer/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer/utility-f7bb4f5bcc1b94a573b2556bcc5d55da20e91c40622bd57ab96ef504a03f98f5.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
439072effbc41147849505d7f158a704f42c3d119d1efb871273f92cc016f45d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:54:11 GMT
content-encoding
gzip
last-modified
Sat, 10 Sep 2022 03:43:17 GMT
server
AmazonS3
age
28406
etag
W/"6660fa8121eeb5a907f7439b1ea10edb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
abW0rCZsxTSmFNxKV-2DF_3IsF7SNLIjod5_sTwh-QhNwGbFiMZkpA==
carinsurance-e04bfca82f46d1793c08c71fa3ccbeec3ae30b7e2de0bf4adba985bc658203b1.css
cdn.assurance.com/insurance/public/assets/customer/ 		2 KB
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer/carinsurance-e04bfca82f46d1793c08c71fa3ccbeec3ae30b7e2de0bf4adba985bc658203b1.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fb73dd6ca507503bf643848c39462bc542c3a42ea945a0d201e50225ea14b22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 20:50:39 GMT
content-encoding
gzip
last-modified
Sat, 10 Sep 2022 03:43:16 GMT
server
AmazonS3
age
61018
etag
W/"de6f3a204f0145eff5fdb1e4d4e463db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
35fLB7Lo2fFmw3RWm02GxVwTYBpacsleTo93r_9Y55rdkavg-MGZLA==
big_text-aa1f1a9675640fd426e5329a555c40af1ed76c06df8c1385adaa5a57d64bdb1c.css
cdn.assurance.com/insurance/public/assets/plates/ 		1 KB
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/plates/big_text-aa1f1a9675640fd426e5329a555c40af1ed76c06df8c1385adaa5a57d64bdb1c.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56bd23a2b119fa32184f524d60bcf19655ae2fb4fc6287cbcc19e879c1614583

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 06:15:31 GMT
content-encoding
gzip
last-modified
Fri, 09 Sep 2022 04:22:52 GMT
server
AmazonS3
age
27126
etag
W/"86d4640679c6c1e86d0ab1094ff0a7cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
a_ldOiK0pgSfKYiK5UIKeH-J3RE4EpQKsKW1VFMzR0EdDcPbSTxY8g==
recaptcha_v3-017e229e4e809625b2ba51f3ae90f12d0fc4d2e4d09c8db38f0aa27f34ffc678.js
cdn.assurance.com/insurance/public/assets/ 		424 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/recaptcha_v3-017e229e4e809625b2ba51f3ae90f12d0fc4d2e4d09c8db38f0aa27f34ffc678.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55577367a3c1ec34e2bc5d206aecd32a33df3699a273a036194db80b9810ad42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:56:03 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:53 GMT
server
AmazonS3
age
28294
etag
"8e0cdc1e02df7ff1205ad6e4dc5ffb54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
424
x-amz-cf-id
ZJF66_UnhPadkwVMit-eECOiTGihBhNhxA31AIoqd8X3ntKVHuWoFQ==
api.js
www.google.com/recaptcha/ 		943 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=executeRecaptcha&render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
26f53e669738c7f3480463145eb499f10c9a158ff4c7e79ff3bd31dd0707d60d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
605
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 13:47:36 GMT
gtm-c9df9717b10aae90ab8fb4c6d21ead6e4325ba553724979220261d9a15fb3e20.js
cdn.assurance.com/insurance/public/assets/install/carinsurance/ 		333 B
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/install/carinsurance/gtm-c9df9717b10aae90ab8fb4c6d21ead6e4325ba553724979220261d9a15fb3e20.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
286f5afc6d312e1dfe7966d39b7b8fda8a3cc4ca939df32ce5764b6392c9792c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:55:47 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:48 GMT
server
AmazonS3
age
21110
etag
"080f197c92de621f095686cd62ebda68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
333
x-amz-cf-id
_-GqQwSuho5zfXfGqXBC7nrh2-Ea_H-t9OwYZwEytOE4GqzVzbPm6A==
ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
cdn.assurance.com/insurance/public/assets/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:49:25 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:43 GMT
server
AmazonS3
age
21492
etag
"db64300811ffdb901937748066c4718e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
101895
x-amz-cf-id
_gWvqAhkKQbuxfD1QIE9rzA71Y-Ag64af3OjokXgYf0nUMlh-ZjGxQ==
loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
cdn.assurance.com/insurance/public/assets/icons/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:38:27 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:45 GMT
server
AmazonS3
age
7750
etag
"d6b028d0fe0d17991948c0b5c94e0a2e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
34936
x-amz-cf-id
_j5e7wwRUaFD9xyvKxN5pe_9_pG8eeQHmSwMuuiJuuT4xJyqf9TEGw==
bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
cdn.assurance.com/insurance/public/assets/icons/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 04:38:23 GMT
content-encoding
gzip
last-modified
Sat, 10 Sep 2022 00:35:05 GMT
server
AmazonS3
age
32954
etag
W/"b96ec18537d2a85fa46cfaa1fb2ed5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
IxXzREsGtx8E8a9lJPa2ZjYrfuZKcfnELdnX9a7NxIRCcX4bmXXkIQ==
1.js
cdn.ywxi.net/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ea00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
4567
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
WSHmkVvVoDXj6Rz4umWP3VEEB18p0mlwmTLiJM7q51H3qr9Jylmm_A==
expires
Mon, 12 Sep 2022 14:45:43 GMT
cssrelpreload.min.js
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 		1 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/cssrelpreload.min.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27550104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
414
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-4a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zFen1dhPpUBQb%2BR6BGh6L5UkupcdHrOJ%2F3CX92ZoHTvJXl6AH3O%2Fp%2FAJs%2Br5flzCmRh8GtcuZHEBsc%2FlrjbqqvmSoVy6oZKa68yZd0uF0MK99v6vzN1J2zAPMOIlpYTB8v9%2FJDV8owux59dbax72gsR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
749918904c9c021d-ZRH
expires
Sat, 02 Sep 2023 13:47:36 GMT
onloadCSS.min.js
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 		241 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/onloadCSS.min.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
142274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-f1"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lImtw7dyk8jc%2BJzbbpfu5TYkDdAmrJF5HRSfrag4SGPK57b2s2A8IhJysvdx6Yy3lXneqXfY0GcTANDem95UMD0FnGlzNJ3StT8fCkZfX%2BZoMyi8Aj76koo71LCbdf0fXNcTV91PUrIvIaOnc5qHRyfG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
749918904c9f021d-ZRH
expires
Sat, 02 Sep 2023 13:47:36 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 12:07:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:47:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:47:36 GMT
customer-6d6d5f25c483226660802a8dc80fde2508d70dbe16bfc883b86568b2b71dea48.js
cdn.assurance.com/insurance/public/assets/ 		607 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer-6d6d5f25c483226660802a8dc80fde2508d70dbe16bfc883b86568b2b71dea48.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cc14441141e54cffe5b74896183a86204b0dd710da5e969347dfef5efee9494

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:56:03 GMT
content-encoding
gzip
last-modified
Fri, 09 Sep 2022 04:22:42 GMT
server
AmazonS3
age
28294
etag
W/"34fa3db4e5309bded63fd14154160509"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
-Mzx1SO9nTZR4Z1pPXqG-fCYzoOkeoJilQyHsOgKI-bulWW0F90W0g==
leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
cdn.assurance.com/insurance/public/assets/ 		327 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0f16d06bf9ac41309a737c1a0dbf17f5b0d85457a9a3ac0f5e19ef9fc07e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 02:23:09 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Sat, 10 Sep 2022 00:35:09 GMT
server
AmazonS3
age
41068
etag
"73f14ec03bfcfe3c15aeb0572ac399d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
327
x-amz-cf-id
A4d7U8tI4R3UgVitNt__yFGBupTAqLuWhdFKz8zPKIKpLHXvinV3LA==
trustedForm-4a1205758bed9df95ef0ff78d02f73edd84361c32de02c6addd014f63fde670a.js
cdn.assurance.com/insurance/public/assets/ 		507 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/trustedForm-4a1205758bed9df95ef0ff78d02f73edd84361c32de02c6addd014f63fde670a.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87792716f5eabbf122dc3c4c9487684f8195a7560a129226a176c07590e62ea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:56:03 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:54 GMT
server
AmazonS3
age
28294
etag
"7dfc839c10f98e973592e10bccc3db71"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
507
x-amz-cf-id
cMzwxaNZwLRdACCxhfFyFrZbfXRAGXfPfGj-PLhoqHFgwg5FQzdmKA==
datadog-rum.js
www.datadoghq-browser-agent.com/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-121.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:28 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 12:21:08 GMT
server
AmazonS3
age
9
etag
W/"6f16bc452a225d7da116aa4c430872f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
xTL8MScsJnIOTa-LZoWHI6JrRJiUX_In1A00nhUCcqHBfvDNU4zQeg==
carinsurance.png
assets.assurance.com/img/logos/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.assurance.com/img/logos/carinsurance.png
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c178845b1dce0d9c8ed05ef12de434e07facdf0a08cfd8b6dc0b51b25313ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carinsurance.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 21:18:29 GMT
server
AmazonS3
age
12181093
etag
"067b5099df32f76ee580245193bda7ea"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000, s-maxage=31536000
date
Sun, 24 Apr 2022 14:09:24 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
8404
x-amz-cf-id
ArGEv8koYXWhj0LKvyRZ3rU4eNgQ37DReX0ZB_zqz_gKa8wXyxAJQA==
hero-auto-2.jpg
assets.assurance.com/img/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.assurance.com/img/hero-auto-2.jpg
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dfe071cfba8c01d4dda21471e0680c8227f4c9c1284d5e6083b81137f8cfbfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carinsurance.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 12:14:19 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 21:18:14 GMT
server
AmazonS3
age
17458398
etag
"30864832e672371b280662b9c80e688a"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
32692
x-amz-cf-id
1g3wHALbK0eZ1P4FYdTw-E9JL2Jk-CUmJNJq8xHTWsrGrqHYjgtJSA==
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://carinsurance.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1708856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYWXRfCYAASY%2F1pm3ATWwWktdTBiEGN2y9dR3pNe7faAIBqjH7V0pEffOC4IF7xJAxymr2%2FzZSKZIn9VKkr6QbMOXQVHe5KsyBgyHAb1y20%2Fm%2BTs%2FX3ZZ6LmLodHDB2zsaVw2ho67imX6gm%2BQhGEw6vN"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7499189089f201db-ZRH
expires
Sat, 02 Sep 2023 13:47:36 GMT
gtm.js
www.googletagmanager.com/ 		323 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Requested by
Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/carinsurance/gtm-c9df9717b10aae90ab8fb4c6d21ead6e4325ba553724979220261d9a15fb3e20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09b0329beec430dcd89d8c1921eb8aa58f5be35e06eda2939e906d210993c412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75307
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Sep 2022 13:47:36 GMT
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/ 		190 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/client.json?source=jsmain
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.152.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
bd422930f61f00fd79ea87d5745f7a539345a588828cfd42cab57a43f2e1f885

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:47:37 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
5T3DF2M0XRK7PQPE
x-amz-replication-status
COMPLETED
Content-Length
162
x-amz-id-2
/TittwjIdgNgK6YFY8fV/NxdQuOfIokviHJDJ/dhjciHsEOFGWbRlMARxjRzl8YKbYIj1P1AtTQ=
Last-Modified
Tue, 06 Sep 2022 15:37:13 GMT
Server
AmazonS3
ETag
"e5f00f5e0289886b9fea8be4093ead1c"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
psDEcOSVYUzu8KTY_YhlFjwR68tPHeQE
Access-Control-Allow-Origin
https://carinsurance.net
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/ 		190 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/client.json?source=jsinline
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.152.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
bd422930f61f00fd79ea87d5745f7a539345a588828cfd42cab57a43f2e1f885

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:47:37 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
5T3DB4C6FHSE04GT
x-amz-replication-status
COMPLETED
Content-Length
162
x-amz-id-2
hnIMVuUqGdY2FvCAe/PkCaf3bbXQ9erP3jyQh/tMtynid1GdG+h7w2w4M6wXABVo3lsFLJl2x9Q=
Last-Modified
Tue, 06 Sep 2022 15:37:13 GMT
Server
AmazonS3
ETag
"e5f00f5e0289886b9fea8be4093ead1c"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
psDEcOSVYUzu8KTY_YhlFjwR68tPHeQE
Access-Control-Allow-Origin
https://carinsurance.net
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
ic_close_black_24dp_2x.png
assets.assurance.com/img/icons/ 		235 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.assurance.com/img/icons/ic_close_black_24dp_2x.png
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 22 May 2022 10:53:33 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 21:18:16 GMT
server
AmazonS3
age
9773644
etag
"637093407c90164fe23f9a0239638b56"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
image/png
content-length
235
x-amz-cf-id
wwf6BqTlMhHpwL5p1BRAzegRH5GhiHxxFDAmSEjoSTxfhFai5fcv4Q==
cf934278-b099-eb50-bf86-105a165fcb4e.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by
Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea3f7aece0698a0dcb031494b5cda7bede672f6f519089c7f577f08167a5b38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 12 Nov 2021 01:23:19 GMT
server
cloudflare
age
1263
etag
W/"4635e57a24cd38a60066de61a2e99808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
x-amz-version-id
T1vJwZ3fBzSc5TLFcqWE7.YjAf3NMp7b
cf-ray
749918916943bb61-FRA
x-amz-request-id
DGQTDA7AGPFVHVHE
x-amz-id-2
TZrQAjq/yEtzVmO5Qsow+SgfCg2s8Spg5lHe39NaL3e6p0Gpp9D9iW+PPBhwmeswicTxZF/xLUQ=
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Server
2600:9000:223d:9400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 18:53:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"97d91c9803cec4e7981c0f415c2c1923"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
x-amz-cf-id
lpGxpR3b6nK_R6SqjX8iU-c1gwqolrdpMq08NKLYduLGNzYodFzzfQ==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
date
Mon, 12 Sep 2022 13:47:36 GMT
server
awselb/2.0
content-length
134
content-type
text/html
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://carinsurance.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 18:50:24 GMT
x-content-type-options
nosniff
age
586632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 18:50:24 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ 		390 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=executeRecaptcha&render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://carinsurance.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158665
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 13:23:41 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2736
date
Mon, 12 Sep 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 12 Sep 2022 15:02:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15690
x-xss-protection
0
server
cafe
etag
13194339052015637803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 13:47:36 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22471
x-xss-protection
0
pragma
public
x-fb-debug
Y9Ad2EjTe3G1g9+0syOftOHiMOQm8pPGubJUX7xwi9a+qkmMXGUXqcepJ1sTkthnaUIWQDsmyNRK6t1t7bZvqA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:47:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 95B5E41F25C741228DD10146B83E3784 Ref B: FRAEDGE1114 Ref C: 2022-09-12T13:47:36Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Mon, 12 Sep 2022 13:47:36 GMT
accept-ranges
bytes
content-length
11367
t2d2oqsjx.js
cdn.krxd.net/controltag/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/t2d2oqsjx.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 12 Sep 2022 13:47:36 GMT
via
1.1 varnish, 1.1 varnish
age
993
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5406
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100069-IAD, cache-cdg20758-CDG
x-response-time
0
x-do-esi
esi
x-timer
S1662990457.812397,VS0,VE87
etag
"93edd8ea5c4f2330348d85ace0db1a265583c0e7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 2, 1
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744595
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-14.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:55:48 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"095a7b562e641bfc203fc3ef9697c6bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
21355
x-amz-cf-id
OKmx5PtSztdP8-FTyRy2YSFA71nq4sivrRBl3n7X9GWbp4Tnyt_FKw==
sdk.js
analytics.tiktok.com/i18n/pixel/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.89.169 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-89-169.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
997f7e108656ce5be4f101e5ebe0acc5b78ec29dfa15b99793d13dbbe93bb2de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id
760463bd.3560729
date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-215-159.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-22-88-169.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
117,2.22.88.169
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=11, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220912134736CCC558EF0DEE201CF481
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.48.215.159
x-tt-trace-host
01385de415a5676f228044e2b0b9508865b6fd46c0b9108c48ac875974a0fcc4dda961b534dc9e9a5fe44181c9c2d74fcae97664e4929bce3aba390109d2f982727d15fda7df487b7f53776a9cb9af90bed36ab2cde7c3fe4e9c2f1b9958577ebb
expires
Mon, 12 Sep 2022 13:47:36 GMT
dl.js
media.go2app.org/assets/js/ 		0
0
ndp.js
ads.nextdoor.com/public/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.110.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-110-156.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
last-modified
Sat, 10 Sep 2022 00:13:36 GMT
server
istio-envoy
etag
W/"631bd6b0-19c7"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
3
content-security-policy
frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
tfa.js
cdn.taboola.com/libtrc/unip/1212162/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1212162/tfa.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64e7f24d0ff547489600f62a513701166df07d6bf1e5dcdb87e1ef6ae2956daf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
HlijsSDZCl5HwPMI8Plhoz__jGYsuvsH
content-encoding
gzip
etag
"20ad80f88eb5d3de3c17c495cd999510"
age
97
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17957
x-amz-id-2
KAUea3TLjaXDeIUSybxvc2Zd/dPw5K3Is+bJ+9+VVEEXCzf67aTL/UiADMsyKYKgPfVkU1yKVRs=
x-served-by
cache-hhn4039-HHN
last-modified
Sun, 11 Sep 2022 11:03:22 GMT
server
AmazonS3
x-timer
S1662990457.804756,VS0,VE1
date
Mon, 12 Sep 2022 13:47:36 GMT
vary
Accept-Encoding
x-amz-request-id
GQMT583JSMPJMNJZ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
63
x-cache-hits
1
analytics
ads.revjet.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.revjet.com/analytics?acu=8435
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
65.108.205.23 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.23.205.108.65.clients.your-server.de
Software
nginx /
Resource Hash
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
last-modified
Sun, 21 Aug 2022 10:27:40 GMT
server
nginx
etag
W/"6302089c-4c14"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
expires
Mon, 12 Sep 2022 13:57:36 GMT
t0
c1.ox-bio.com/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=undefined&cid2=undefined&cid3=572521294
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
da0d9e333fa09f0fa126842170a5d2bc508fb85a6dec357cca75ca356e03380b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
cache-control
no-cache, must-revalidate
expires
Tue, 25 Dec 2018 14:00:00 GMT
content-type
application/javascript
anchor
www.google.com/recaptcha/api2/ Frame 64AA 		42 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a2ffb70a606fd3790d9bc16e75ca7c76f8c3c5296884e48dc75ddc4960719caf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a3XwNzC1TPFSVgQmnsqzbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21980
content-security-policy
script-src 'report-sample' 'nonce-a3XwNzC1TPFSVgQmnsqzbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:47:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GenerateToken
create.leadid.com/2.11.9/ 		36 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&_=646114955
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a497a9cea07e131f28563a94939a15358e5f694bd3eaeee3695da24f3417357b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73253617-8&cid=438906733.1662990457&jid=104454482&gjid=1377076054&_gid=1359338104.1662990457&_u=YGBAgEABAAAAAE~&z=1931149902
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Sep 2022 13:47:36 GMT
content-type
text/plain
access-control-allow-origin
https://carinsurance.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2138910312&t=pageview&_s=1&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&dp=%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy&ul=en-us&de=UTF-8&dt=CarInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=104454482&gjid=1377076054&cid=438906733.1662990457&tid=UA-73253617-8&_gid=1359338104.1662990457&gtm=2wg9705SBH6BJ&z=1662933839
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 17:09:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74305
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28d503bfec76a3b13f2f7733b4819013712326adc99c863bf4c96980e36e81ab
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
9256
x-xss-protection
0
pragma
public
x-fb-debug
Ms4B4EQLGvzWYfIVry6Ba+GV9HntDPuvNWREq4lYUiNHhZjeVD82Cs7ReVCXO2adoNeLI1nKMZ1QEM6rCBYKsQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:47:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
713459322354732
connect.facebook.net/signals/config/ 		50 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/713459322354732?v=2.9.5&r=c2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c5912af460c5565cb2d8e70d3bd0365f1afbb88b6ab43e90f310a401c8dd139
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
jTXWlgHRRfvLkA5oiu4+8d0hN9Dn+dEnhc1Z8VweZ711EesxhRpo7vldEkFHSWzN75TjmxOihQHhRD1riYxBug==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:47:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
trc.taboola.com/1212162/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1212162/trc/3/json?tim=1662990456826&data=%7B%22id%22%3A243%2C%22ii%22%3A%22%2Fauto%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1662990456820%2C%22cv%22%3A%2220220911-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dassurance-carinsurance-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1662990456825%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212162/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a0da447f2fb7e1202b741ec1419ab1f05b582574395ab9331885482a6b3acba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
server
nginx
x-timer
S1662990457.882034,VS0,VE22
x-served-by
cache-hhn4039-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
5223060.js
bat.bing.com/p/action/ 		1 KB
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5223060.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0114a3678bd59afbeaaea51ab321b38b75601040f0dd0d7b460b875c5cb2ca41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8E3FC2DA53BF4DA39A87C413DBDB2553 Ref B: FRAEDGE1114 Ref C: 2022-09-12T13:47:36Z
date
Mon, 12 Sep 2022 13:47:37 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
666
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=ec3c21f2-7b57-44da-aa22-1149fd428960&sid=75f3427032a111ed98b5c96287ac8758&vid=75f3651032a111eda37411416bac956b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CarInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy&r=&lt=2412&evt=pageLoad&sv=1&rn=445460
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F0D5819A47044B7856D6A9F8AB49CE0 Ref B: FRAEDGE1114 Ref C: 2022-09-12T13:47:36Z
date
Mon, 12 Sep 2022 13:47:36 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 64AA 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 05:06:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 64AA 		390 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158665
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 13:23:41 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=713459322354732&ev=PageView&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy&rl=&if=false&ts=1662990456899&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ph]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ct]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[st]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[zp]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.5&r=c2&ec=0&o=60&fbp=fb.1.1662990456898.1369520530&it=1662990456818&coo=false&rqm=GET
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 12 Sep 2022 13:47:36 GMT
1073744595
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 		122 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073744595
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-14.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
bt7qLJT1iCVWSAHKhmXRN.Td6szfW662
content-encoding
gzip
last-modified
Mon, 04 May 2020 21:59:20 GMT
server
ATS/7.1.0
x-amz-request-id
5PRVCPH18G4VNC7R
etag
"6cca99c84759289ef8e4ae63e8b2e2b9"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=48
date
Mon, 12 Sep 2022 13:47:37 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
120
x-amz-id-2
RtEhLsJyEZ6NLUIhOhKJ4mKW1uvokPck+npKlccAtI8aoghKibfVG6qqt9ZSAvb2TMmRntx0wss=
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2oqsjx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
gzip
age
1176745
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
16555
content-length
84509
x-served-by
cache-cdg20758-CDG
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1662990457.931082,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73253617-8&cid=438906733.1662990457&jid=104454482&_u=YGBAgEABAAAAAE~&z=2143955901
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73253617-8&cid=438906733.1662990457&jid=104454482&_u=YGBAgEABAAAAAE~&z=2143955901
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/773304124/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/773304124/?random=1662990456936&cv=9&fst=1662990456936&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5b71f9ccc5a2cdb004213082af57fbbc487825d63d7e12ad92b3eadc09debff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924896316/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924896316/?random=1662990456939&cv=9&fst=1662990456939&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c037b9a593a788961d8c3529d0e457c18e225c65416e91947c445680b9d9bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1096
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd3865
pix.revjet.com/track/ 		46 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.revjet.com/track/pd3865?__noscript=false&__cbf=revjet.callbacks.cb1662990456960&location=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy&referrer=
Requested by
Host: ads.revjet.com
URL: https://ads.revjet.com/analytics?acu=8435
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.21.233.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.233.21.65.clients.your-server.de
Software
/
Resource Hash
c5996152404045ab9a67dc06120b3d8a9b3553bc10f78efd75a67e7c2e5c6be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-length
46
content-type
text/javascript
ajax
www.trustedsite.com/rpc/ 		6 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=carinsurance.net&rand=1662990456968
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.90.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-90-245.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length
26
x-content-type-options
nosniff
202.svg
cdn.ywxi.net/meter/carinsurance.net/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ywxi.net/meter/carinsurance.net/202.svg?ts=1662478632005&l=en-US
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ea00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carinsurance.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2307
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
7295
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
04Vb7Rcz6FnDPVguXs_SjYHYJfdcurArm68iBC2WRN7KBRvK2kj_YA==
expires
Mon, 12 Sep 2022 14:09:09 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame BE8C 		805 B
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15427363
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Mon, 12 Sep 2022 13:47:37 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
127631
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-cdg20758-CDG
x-timer
S1662990457.015086,VS0,VE0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 64AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 19:40:09 GMT
x-content-type-options
nosniff
age
324448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 15 Sep 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
age
506456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 22:21:19 GMT
x-content-type-options
nosniff
age
573978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 64AA 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=g8G8cw32bNQPGUVoDvt680GA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 13:47:37 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.89.169 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-89-169.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id
609f0f51.35609b3
date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-62-155-137.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-22-88-169.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
112,2.22.88.169
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=13, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220912134737638181945D6C7722467D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.62.155.137
x-tt-trace-host
01385de415a5676f228044e2b0b95088651e7d0fb21fb5711a0d80e350c788197d543e108f3cc52923044dab029808f05fe1e645c9af2f6b7ab9c9baabc703eb37fd8f58fdf03f59146dcece66400352270ef326920c94d4592906af6ed334eb14
expires
Mon, 12 Sep 2022 13:47:37 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BSOM7NBLCPBMENBDH330&hostname=carinsurance.net
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.89.169 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-89-169.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c6c9bb9d9be05ad800b38b7b01982ba397ffbc49fe088ed14c4d57d034306e03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id
609f0e24.35609f7
date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-62-155-137.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-22-88-169.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
151,2.22.88.169
server-timing
cdn-cache; desc=MISS, edge; dur=125, origin; dur=28, inner; dur=3
content-length
19696
pragma
no-cache
server
nginx
x-tt-logid
20220912134737150564BE1A300E235C36
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,23.62.155.137
x-tt-trace-host
01385de415a5676f228044e2b0b95088651e7d0fb21fb5711a0d80e350c788197d543e108f3cc52923044dab029808f05ffbe0517ba2efa4ec5a910915a5a14b77fda2f47a6ec50489dc8d1068471277873d465d54f5e18b072a74e61cf272b385
expires
Mon, 12 Sep 2022 13:47:37 GMT
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/get/ 		239 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
061e0a9cd479f98068c3ea96d6159a1f9f1459ecf8f3a1b234470dd130ab1860

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a003-dub-prod.krxd.net, cache-hhn4059-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1662990457.367205,VS0,VE27
content-length
190
x-cache-hits
0, 0
Serving
bs.serving-sys.com/ 		390 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073744595&dispType=js&sync=0&sessionid=7443084772280084698&pageurl=$$https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy$$&activityValues=$$Session%3D5867030024176512059$$&ns=0&rnd=9668714870405153&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-40-150.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4348043b538e067d6005728e4019442091cd911a1194fd1d9cb4c2dde8a004bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
293
expires
Sun, 05-Jun-2005 22:00:00 GMT
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/set/ 		304 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/set/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns.assuranceiq.kxjsonp_consent_set_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0455b6324a96907c087b40bb2dbf708bde24df95b7976dd46d39ae74176d42a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
via
1.1 varnish
x-timer
S1662990457.367188,VS0,VE28
x-served-by
consumer-a004-dub-prod.krxd.net, cache-hhn4059-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=10
x-age
0
accept-ranges
bytes
content-encoding
gzip
content-length
245
x-cache-hits
0, 0
t2d2oqsjx.js
cdn.krxd.net/controltag/ Frame BE8C 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/t2d2oqsjx.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 12 Sep 2022 13:47:37 GMT
via
1.1 varnish, 1.1 varnish
age
993
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5406
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100069-IAD, cache-cdg20758-CDG
x-response-time
0
x-do-esi
esi
x-timer
S1662990457.212408,VS0,VE0
etag
"93edd8ea5c4f2330348d85ace0db1a265583c0e7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 2, 2
/
www.google.com/pagead/1p-user-list/924896316/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924896316/?random=1662990456939&cv=9&fst=1662987600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=169449309&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/924896316/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/924896316/?random=1662990456939&cv=9&fst=1662987600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=169449309&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/773304124/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/773304124/?random=1662990456936&cv=9&fst=1662987600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=1793455997&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/773304124/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/773304124/?random=1662990456936&cv=9&fst=1662987600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=1793455997&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 480D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-206.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
39984
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 12 Sep 2022 02:46:42 GMT
ETag
W/"6298d697-dbb"
Last-Modified
Thu, 02 Jun 2022 15:26:15 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
4tI6dZsGq2UcJclXbsDyKbVZ-DMkhX-ozq2aIP9AM-aY62njOeY-kg==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&_=646114956
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&_=646114957
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
5223060
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5223060
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5223060.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
57cdb901af2ad7f45530c9285412e4da588ed7eb7f456001f4ad69a39c3d72c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
x-powered-by
ASP.NET
x-azure-ref
0eTgfYwAAAAB7CNSKI/RWT784RQmjzpYBUk9NMzBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length
1733
expires
-1
reload
www.google.com/recaptcha/api2/ Frame 64AA 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
07cf06d7fe036a2b5a35756641daea3f6347167c036dab11d0ecedf5984ef4d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=snqvxughhvxf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18381
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 13:47:37 GMT
pixel
flask.nextdoor.com/ 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flask.nextdoor.com/pixel?pid=2dbfff6b-6ba6-4f53-954c-9ed6c4963450&ev=PAGE_VIEW&pl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy&ndclid=&rf=&sem=&tm=0
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.80.122 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-80-122.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
context-id
36081743-b3d6-4da4-80e3-9fdc2f14babf
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame BE8C 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2oqsjx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
age
1176746
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
16556
content-length
84509
x-served-by
cache-cdg20758-CDG
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1662990457.377859,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
687 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.89.169 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-89-169.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
609f1b66.3560bc8
date
Mon, 12 Sep 2022 13:47:37 GMT
x-cache-remote
TCP_MISS from a23-62-155-137.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-22-88-169.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
149,2.22.88.169
server-timing
cdn-cache; desc=MISS, edge; dur=129, origin; dur=21, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220912134737E786F6A6759C0835E126
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.62.155.137
x-tt-trace-host
01385de415a5676f228044e2b0b95088651e7d0fb21fb5711a0d80e350c788197d543e108f3cc52923044dab029808f05f8ec73ec9fba75e83f0c5ebcc1f499fad3f25b8ccdeeee37f85e082ea44b02bffbbc0b3d66b0025929c90969c996f16bb
expires
Mon, 12 Sep 2022 13:47:37 GMT
verify_token
carinsurance.net/ 		14 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://carinsurance.net/verify_token
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-127.fra2.r.cloudfront.net
Software
/
Resource Hash
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
X-Requested-With
XMLHttpRequest
x-datadog-trace-id
9188446574244658610
x-datadog-parent-id
7776659958564786720
x-datadog-sampled
1

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' *; img-src 'self' data: *; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-ancestors 'self' *.assurance.com; worker-src blob: *.assurance.com; report-uri https://60ede17b9dc1b52ae71f0257.endpoint.csper.io;
x-cache
Miss from cloudfront
assur-appversion
1.0.711
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
f66deede-e12f-4cef-8cc6-36d4f72fd2a1
x-runtime
0.052875
access-control-allow-origin
*
referrer-policy
same-origin
x-frame-options
ALLOWALL
etag
W/"7cd85494eb375cc958155aca095fd0ba"
access-control-max-age
7200
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
icyiuOh1KKSPFulPL_v9kVw2n0QZGD1Pu3IX2o568tRku8UU3F7VXg==
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/get/ Frame BE8C 		224 B
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c66159fd842deb4cf345fd55f21626f9f0b9608a1df3d04f23f5b8f4728d657f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-dub-prod.krxd.net, cache-hhn4059-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1662990457.461355,VS0,VE31
content-length
182
x-cache-hits
0, 0
iframe.html
deviceid.trueleadid.com/ Frame 587E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.58.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-58-125.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Mon, 12 Sep 2022 13:47:37 GMT
etag
W/"62a74f42-1049"
expires
Tue, 13 Sep 2022 13:47:37 GMT
last-modified
Mon, 13 Jun 2022 14:52:50 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
379708.gif
idsync.rlcdn.com/ Frame BE8C 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=PExzEgmy
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame BE8C
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=PExzEgmy&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DPExzEgmy%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=PExzEgmy&partner=bluekai&bk_uuid=$_BK_UUID
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=PExzEgmy&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
cache-control
private, no-cache, no-store
x-request-time
D=16 t=1662990457
x-served-by
beacon-n016-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?_kuid=PExzEgmy&partner=bluekai&bk_uuid=$_BK_UUID
date
Mon, 12 Sep 2022 13:47:37 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame BE8C 		43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PExzEgmy&rn=1662990458
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-28.fra2.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
43
x-amz-cf-id
sphZUY7Z46gAcnWxRdQeZIIrC4qRqm_-4SOLkoVxs9F-dlAKntFRfw==
x-cache
Miss from cloudfront
content-type
image/gif
g.js
aa.agkn.com/adscores/ Frame BE8C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PExzEgmy
43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PExzEgmy
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Server
52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-153-178.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:38 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PExzEgmy
date
Mon, 12 Sep 2022 13:47:37 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
dcm
s.amazon-adsystem.com/ Frame BE8C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PExzEgmy&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PExzEgmy&gdpr=0&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PExzEgmy&gdpr=0&dcc=t
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:47:38 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
SD9M8K4EBZ8JGBFAQVNJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:47:38 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Y7DJAX8TEZN38YFZDNWX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PExzEgmy&gdpr=0&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
a.gif
kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame BE8C 		0
0
image.sbxx
global.ib-ibi.com/ Frame BE8C 		0
0
clarity.js
www.clarity.ms/eus2/s/0.6.40/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5223060
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:36 GMT
content-encoding
br
etag
"1d8bd4806fdad30"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0eTgfYwAAAAAaLxL293tTSYvpOhP9LlCyUk9NMzBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
c1.ox-bio.com/t04/ 		43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.ox-bio.com/t04/?v=139401666583647580&oxtrk=141&zk=764bf218-32a1-11ed-8eac-005056acfea9&zl=1720&ts0=1662990457595&zm=0
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:37 GMT
content-length
43
content-type
image/gif
collect
b.clarity.ms/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://carinsurance.net
date
Mon, 12 Sep 2022 13:47:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=4&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&_=646114958
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 587E 		0
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=8AA3F211-CA81-3833-51B1-095D2985DA90&lck=CF934278-B099-EB50-BF86-105A165FCB4E&methods=48&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&uuid=bc55c765b4b341d19b5bf28a30130757
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
optout_check
beacon.krxd.net/ 		84 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.assuranceiq.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f356bfb56fdff6b9ee5226a25eedc63236a68635f75fc14cc8b3cc85b4ba5888

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=30 t=1662990458
x-served-by
beacon-n016-dub-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		364 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=ca0023cf-396a-4831-8c8e-b18b28057cb6&technographics=1&callback=Krux.ns.assuranceiq.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e34663ea599b29b1404ec0adb15372c203b0b81d7a11fbda413f0613ac71d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Mon, 12 Sep 2022 13:47:38 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a009-ash-prod.krxd.net, cache-cdg20758-CDG
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1662990458.290516,VS0,VE86
content-length
277
x-cache-hits
0, 0
certs
api.trustedform.com/ Frame 3906 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f159347e7db254b448a1e0eb6e7c72157822090c8f50a74b7c01e02eb59e3e16

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=C26F0D1CD50F486DAF6BD9D70A5FC630&RedC=c.clarity.ms&MXFR=1FF13656177264541E24244B13726AA0
  • https://c.clarity.ms/c.gif?CtsSyncId=C26F0D1CD50F486DAF6BD9D70A5FC630&MUID=36D6B858AF306C66147CAA45AE416D5D
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=C26F0D1CD50F486DAF6BD9D70A5FC630&MUID=36D6B858AF306C66147CAA45AE416D5D
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:37 GMT
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"de363c295b2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:47:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4AF7E2DA59074E839AB1DD7E71003E0E Ref B: FRAEDGE1114 Ref C: 2022-09-12T13:47:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=C26F0D1CD50F486DAF6BD9D70A5FC630&MUID=36D6B858AF306C66147CAA45AE416D5D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
c1.ox-bio.com/k2/ 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.ox-bio.com/k2/?oxtrk=141&oxuid=ASS0001&zk=764bf218-32a1-11ed-8eac-005056acfea9&zl=1720&zm=0
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
content-length
43
content-type
image/gif
unip
trc-events.taboola.com/1212162/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1212162/log/3/unip?en=pre_d_eng_tb&tos=1644&scd=100&ssd=1&est=1662990456822&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1662990458467&vi=1662990456820&ri=17e6136b8572ef46e3b03fd7eb616040&ref=null&cv=20220911-7-RELEASE&item-url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://carinsurance.net
pragma
no-cache
date
Mon, 12 Sep 2022 13:47:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=t2d2oqsjx&_kpid=ca0023cf-396a-4831-8c8e-b18b28057cb6&_kcp_s=carinsurance.net&_kcp_d=carinsurance.net&_knifr=9&_kua_kx_tz=0&geo_country=de&geo_region=ni&geo_dma=276001&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_id=572521294&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=ni&_kua_kx_geo_dma=276001&_kua_kx_whistle=0&_kpa_carinsurance.net_url_path_1=auto&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=1&t_content_ready=2412&t_window_load=4178&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xsbnabwas&userdata_user=PExzEgmy%2Cxsbnabwas&sview=1&kplt0=40484&kplt1=40660&kplt2=41153&kplt3=43301&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fca0023cf-396a-4831-8c8e-b18b28057cb6%2C280%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2Fca0023cf-396a-4831-8c8e-b18b28057cb6%2C251%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C199%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=57 t=1662990458
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
trustedform-1.8.27.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.27.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16629904564480.5382902302865584&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:9400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
6olc5v40B1RpRJGb5GYISB93fSUp4tqK
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 18:53:06 GMT
server
AmazonS3
age
23
etag
W/"2f557edcc84fd346c897a4d565e57ac0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 13:47:17 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
402ViO3w0NXluiSz710eJMqH-H3h5yvZjjyXpJ1Q3vYv_-s051SPZQ==
snapshot
api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/ Frame 80D1 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:47:38 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
cdn.assurance.com/insurance/public/assets/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:49:25 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:43 GMT
server
AmazonS3
age
21494
etag
"db64300811ffdb901937748066c4718e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
101895
x-amz-cf-id
dnM2LvCcou73fCRGiMbwu8wx_YnlDxKXU7liSAZCtcZPWxLfSO1_9w==
loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
cdn.assurance.com/insurance/public/assets/icons/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:38:27 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:22:45 GMT
server
AmazonS3
age
7752
etag
"d6b028d0fe0d17991948c0b5c94e0a2e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
34936
x-amz-cf-id
wkGy0y0HncnFA3WSG1pXmI_84QW_gLFQjLjSo-v2XdrtGDRuVZJFGA==
bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
cdn.assurance.com/insurance/public/assets/icons/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 04:38:23 GMT
content-encoding
gzip
last-modified
Sat, 10 Sep 2022 00:35:05 GMT
server
AmazonS3
age
32956
etag
W/"b96ec18537d2a85fa46cfaa1fb2ed5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
CenUYO1PgyVWobH8p6k9UNSCmfS1NXMw-a0FwbxMDGo9tHkHEaXDmg==
fingerprints
api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/ Frame 80D1 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:47:38 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
0
bat.bing.com/action/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=ec3c21f2-7b57-44da-aa22-1149fd428960&sid=75f3427032a111ed98b5c96287ac8758&vid=75f3651032a111eda37411416bac956b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CarInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy&r=&lt=2412&evt=pageLoad&sv=1&rn=445460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8B2785EDF9D747FCB54082D4B137827A Ref B: FRAEDGE1114 Ref C: 2022-09-12T13:47:38Z
date
Mon, 12 Sep 2022 13:47:38 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
60ede17b9dc1b52ae71f0257.endpoint.csper.io/ 		14 B
71 B 		Other
General
Check archive.org
Download Go to
Full URL
https://60ede17b9dc1b52ae71f0257.endpoint.csper.io/
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.145.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.145.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7092e0687c721eaac768874134f3badafa0470df2bb9d197ade1094f468eae11

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
text/plain; charset=utf-8
/
60ede17b9dc1b52ae71f0257.endpoint.csper.io/ 		14 B
147 B 		Other
General
Check archive.org
Download Go to
Full URL
https://60ede17b9dc1b52ae71f0257.endpoint.csper.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.145.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.145.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7092e0687c721eaac768874134f3badafa0470df2bb9d197ade1094f468eae11

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
text/plain; charset=utf-8
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
text/javascript
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=5&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&_=646114959
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=6&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&_=646114960
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:38 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
c1.ox-bio.com/t01/ 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.ox-bio.com/t01/?d=7eDWW5DuGPzZS0BWVvl687a8Pby4+rhTKwmha5LvbpLwRDx0RfOyhBAU+KUDEjGEQNEwZL+hhEWPld71gPNzoLe5ega3OXoFa4AfaGWLsjK8zzFYpaBYoHX2GaEXMKJiV1fjPwcHOUdxFVo2BNargpDuNVIhraIILm0lGRcohfcSKqIr0jPFJzIlaOGA27l/WPn/Yc99yWvHNm4sib9zHU2Z0EL2JyRWoDkLSaSuo16jxnweLLLeM8CfoV8DGWwuftAlOLImRT3KOuKyO2+5Scvi9HWoJV+0XF/LkRx/ilnjCz0SZaAn9dT3c4/km4z3ard9+xNjEQzBGUxAqOuKWovhIe6uf3GERTCB5bwpiHXUwnOs8xvEoSUIo3/vcssgtL6jVDi0RmIlAooHAz2OswV2TtutqCijfI7TvNc9lBqYV6HnY9Hi6oTJnZ32q6RWBNmvTIusli6tGO+4GjmSN2G4Y+U5EbzCl4zvQXbbJnDIQpv26xRPLwLOyFXznZtgWeq35C9lPpXEH7KrHErgf9XheVBRSy5120FbchfoVqkMsL06VFNTYFa3U3ivqrDwzFWJS1XwX+9gxMx84zKUX2HyMVwxMhOh74LWWcl1oysf0akfJB/XxsLC0RLyiWLtLMN1Xl+7nxqBAwJoh5jU6dvONaXtFWoYJY4wJ1NXP1fMIGzdLj/7CRG1ciqtPOWntJnIoH+3zZzza5CJ8NkRxZny+sqBVNSIpDReERCYum1VK2icVu/GNIYZEBrbUd6PIIuELwh4nJGTtWQC/9Y4Go5zBYdvK1L8gS3xRUs8MbohSPzQOWaCMU9lWTKmEEtKFpyccHiJD+PoiyjKE6TMR0F0WeoMjMR+vbAM22HpVTBKZUpD3yTvZQzXWXflbBYs77TRbP6sRUIpMgcPkWW2jviuGP+RYGd2eDp2ywRXpssHzFOTpXF0J70PacueTVW9R545QpmzKpaumgUgrG8TGaO2Xoddcr+LdnJsKqFZQFwHMZf6rOxFJ2mSW62VUsU9mxqClFIsytGeWaxnftD0XTvFXoG1TEPYkWv4SUm5E6El0/t7BHK+e46nOBIURAODGIALfzcZom4i7rMgAQxEfLpBIzchSSEXNTc0+jM/qoZadzUZeZ/I3eADana3H9hiol0iZ/O2b9sM1etSvw0hGeKHuMsjR8bealUiliJK3yVj9lLEnzcmV80pO+1Ol+cmRk3GxZMdNOAvylciR8QtxF3HQH4NWW9kPZWnbzjyePvQHFFJAwuMaR3oiy5lfalsKBljraZ82eAwS3TJXCN51TuLlW1yIDAkEF0Wf2t+DVE3vOETBJf36I4wUDmtXGYHmRajSxVYH/YoYjdZqqbN7mvei2k2OjkCoHbdI9BTJBxA74FkUBU6Zk7YHyn7y4YW/Zy0jvrbFJsf+SZ0a3zyWkM2Sifod2VHf+Da7Xkab2/Va7pp5bh1Q4P0sK34hw4h2euQ0/FBVkLwEzMmdvr/onZV9NbYYjSBs6zx412nZqld5Bug8raEPeaR1yvce+4rYX5X+JPWKv2/tDPbijFvWtbk1dY+wTCAcphX8w/6JgKtfdYiQ44BbvA8PLtoVEu7RWKWDDTWblvDYZ1bzSJmdoWhM2wrE/FqZrkSqo3Gz9N6Gd5/9qVAdLTJJy9uAiW/wxFpoPIi+A8gMmI0kvbsrCqFUnV/5mc6updYWBNmgn+N+8NA60eQWeFCEnJ0VXZeE9gXZ5bkSFqd1XLxCQPCmflXpI+xILu0q0EefxxuFipszPmRT46CS5Dtbue7tBTKEdtsRxPYGEpClH/UZ7BedMc6SB0lk2Rh+FmV0p62dor5AwciXDYFZK3BHpOrNKB+t8cXN/1yDzqU8vF9RbWqzH4oGuQr1ofKtl8nk6Drw9RTKkJ87iXR0ajoEvWCRnGjNueZVDzeVh16xtiMBxx2cSOUqCjE3JhgMv2kNLGON1p2/SluKbdwI32aXY9YvieMF7F+/oKlVPj4OITSsk4Gf1QwL6xm2rlN5YgpWFxlesYCizIA7hDGc1qJ0rc2zJseJGVlJdaTP5snwcRDBW1kcJv9HBt18SQfyRPCRtiUVOv5asVeRYZ7ScmzpH4KX8uxMg9XKFmkGuGL7ZtxfsnJ5dsC197v6xxyDZ9St304xMF/LRLEpA5hu7dhJ/w/OqLjYYp+AsLCMrNyzEoeHCGQA+dJrRaTzLvLr7PYJ2Ms+PwTGkd6wuoHZAfsNI5EeO35aERzt1XpqVohXmFYGslMUiiZmlCnQkyJ4Uegp3BcyBjlNL8nGWB0dKBzARJppIjcBuQTFoxqID/T5M1K2IIvn9tjJ3tvS+8JadCeUwbVoRlqiQczJhkzTf2lTVjtCkwBe7v5LpX+hQKJFy+XEX+4yk+FYXiDZMzB6IDpGVX6QTZH4GT20Sjs/dtqfjLa0ecb+Ep7vl5PmNalSQ8DxP/IKFF006EGL8C516r5bRxoAYFdcH/qyT6uQ6rPv6mgo57uxRqX+IuLI0RnrO79ef4hvmzLq2N+RSWy8ld/tt8d9SxvIs0QLCQb64TtETMCBWk566xYO12/aDixhNZej8i12R0amSd5j3jyOfbNPgg2FjQKdz1uRFIrFpo4830oBD/BBMzf/BFnQA594oSSbFvSnKHqIBhxNRUxs6yhhpzybVU6lgfCZ7etMkGzvVhkG9wIGbGBvnr7j1G/NRWrq2vY971JfLM21M8+EYipIuPTlzxZGTNDDZr3pI0vlSjlSrj7yUSDA5IpUyBedBbu6yxvRQnoJJuaKM0GPjw+cWh5fmLhRUxsYX86Zeh1aV+1ElkcSeCzIGabKPe+Ja0HEfMcI6D3vyEZr3Q2Iq2HxZK0qIrByLsxcZVgm6S4GuCcMMUYCasXI0OxMacxfYO9J7PLJSCFgYmgdReZSqf4J5JracBkJC14+4rNw7Z6IOBqXQqyCq1K2l9TzIOVEha7gdIW+s1WMQv+qEAgKRJtyFH9MynWsXKyXcpWmwI80aaE+F45GdrPCLM5A7Lvu7l3nsqSg1kBQjRff3qwO9m50ltyJOwMFeK5DVj/76ZvYqR1Y3s7U1mnC6KlUWmyKZsoNw+5L5fYn1mJTM1HG8tyIfevK+dJjWIHV6cODQ9wrAAnZE80MnVYftzLIB4m5i4uCgGsEzdhIBLWuJpjCoO3OPm9cZvCaS0R3fb7/5t2MLJNoOD57ReP8uxc64qJ9Q1wCk0TZkI3MkGcL+wm05GY7VWtrvT5cHI89GA7HF7LOrYhPLuzgfR7JozMh1PEo14UGD0wUq80wKmiQpZtEGGR2eXtjYcSbhIhiAJ/EvlkWCiLDimPMdyhKCRSYLHmarGKnZavKvGYX8In0z1xMLiKM4nKl4Oh2NwJkhEYTHiW3oIxTYXxIypyhgbyJPSu97/55dFd8jOLBFx0m2B/lrkpQfF91z+Dtkc0FWC1PgbWkCdzrHfzuQPPTTFmB6WeRTUdwo2/J7tz39s9Fi+7zaleHdf0MCCLtj7yrsS+BFHygAV/hzR1e3i10qUg9UQQEZGcF4dNkYOUPiV71E07jVz/WMx0n/smZAeAJrWNgsbFMsMVOahjd8U=&c=2343898362&oxtrk=141&oxuid=ASS0001&zk=764bf218-32a1-11ed-8eac-005056acfea9&zl=1720&oxltc=310&zm=0
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.197 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:47:39 GMT
content-length
43
content-type
image/gif
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=7&pid=81cf1cda-430a-405e-83d6-b6e61052beb0&token=C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8&_=646114961
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 13:47:39 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
b.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://carinsurance.net
date
Mon, 12 Sep 2022 13:47:39 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
events
api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/ Frame 80D1 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/09ba461d9692c8701cfd77301076e9272cfe7072/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:47:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
unip
trc-events.taboola.com/1212162/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1212162/log/3/unip?en=pre_d_eng_tb&tos=4645&scd=100&ssd=1&est=1662990456822&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1662990461468&vi=1662990456820&ri=17e6136b8572ef46e3b03fd7eb616040&ref=null&cv=20220911-7-RELEASE&item-url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy%23auto_legacy%2FHas_Car_Policy
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://carinsurance.net
pragma
no-cache
date
Mon, 12 Sep 2022 13:47:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
media.go2app.org
URL
http://media.go2app.org/assets/js/dl.js
Domain
kr.ixiaa.com
URL
https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=PExzEgmy

Verdicts & Comments Add Verdict or Comment

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| setIsGoogleMapsLoaded function| setSelectionRange function| setCaretToPos function| getParameterByName function| getParameters function| getParametersJSON function| isValidEmail function| isValidPhone function| isValidLeadPassword function| isValidDate function| isValidMedicareEffectDate function| isValidMonth function| isValidDay function| isValidYear function| sendGAEvent function| sendGAPageview function| getGAClientId function| sendCriteoPageview function| sendCriteoBasket function| sendCriteoConversion function| getSubdomain function| appBaseUrl function| getAgeFromDOB function| setCookie function| getCookie function| deleteCookie function| inIframe function| defer function| googWcmCallback function| formattedNumber function| initLuckyOrangeSite function| setMaxInterval function| alphaOnly function| autoFocusContinueOnMobile function| trackVisitorClick function| isValidAddress function| getGaTrackerName string| DEFAULT_ZIP object| App object| gon object| dataLayer function| executeRecaptcha object| TrustedSite number| TrustedSite_done object| TrustedSiteInline function| loadCSS function| onloadCSS function| hideBGImage function| changeHeader function| hideProgress function| hideBGImageLife function| changeHeaderLife function| hideProgressLife function| clickMaskedFieldEvent function| triggerNextClick function| updatePlateContent function| plateSwipeTransitionComplete function| tryPlateSubmit function| createEssentialExtrasPlateEvent function| buildPlateSubmitData function| getBrowserData function| getPlateButtonLoadingHTMl function| updatePlateButtonContent function| restoreAllPlateButtonContent function| restorePlateButtonContent function| disableAllPlateButtons function| enableAllPlateButtons function| updatePlateProgress function| revertPlateButtonContent function| scrollTop function| scrollToTop function| notifyGenericLoader function| updatePluralCopy function| redirectToURL function| focusFirstPlateInput function| focusNextPlateInput function| atLeastOnePlateCheckboxSelected function| updateHeaderMessage function| addObjectBlock function| removeObjectBlock function| fixObjectBlockIndexes function| validateObjectBlocks function| validateNonEmptyObjectBlocks function| isObjectBlockVisibleAndEmpty function| encodeObjectBlockJSON function| parentDepthFilter function| getStructuredObjectBlocks function| validateVisibleObjectBlocks function| encodeStructuredBlockJSON function| validateInput function| inputsValidatedForAttention function| validateRequired function| validateMultiple function| validateDropdown function| validateEmail function| exists function| validateEmailIfExists function| validateMBINumber function| validateMIDNumber function| validateNameField function| validatePhone function| validateAddressPoBox function| validateZip function| validateNoOp function| validateDOB function| validateLumicoChildDOB function| validateHealthDOB function| maxChildAgeForState function| validateHealthChildDOB function| validateAnyDate function| validatePlanDate function| validateYear function| validateCardExpirationYear function| validateMonth function| validateDay function| validatePositive function| validateNonNegative function| validateLeadPassword function| notifyAndScroll function| notifyBelowElementWithoutScrollForPbp function| notifyBelowElementWithoutScroll function| isValidPlanDate function| onblurTextEventHandler function| onblurEmailEventHandler function| onblurPhoneEventHandler function| onblurDateEventHandler function| onblurAnyDateEventHandler function| onblurMedicareEffectiveDateEventHandler function| onblurPastDateEventHandler function| onblurHealthChildBirthdateEventHandler function| onblurCardExpirationYearEventHandler function| onblurCCEventHandler function| onblurYearEventHandler function| onblurMonthEventHandler function| onblurDayEventHandler function| onblurSelectEventHandler function| onblurLeadPasswordEventHandler function| onblurAddressEventHandler function| onblurSimpleEventHandler function| onblurRequiredCheckboxEventHandler function| onblurAbstractEventHandler function| onchangeRadioEventHandler function| onchangePlanDateHandler function| validateResidentialAddress function| validateSsn function| isValidSsn function| validateRoutingNumber function| isValidRoutingNumber function| validateBeneficiaryPercentage function| validateRequiredVisible function| refreshOnChange function| validatePersonalLoanAmount function| validateDrivingLicense function| validateStreetAddress function| checkAddressValidity function| checkEnteredDateIsFutureDate function| checkIssuedDateIsPastDate function| initForms function| loadScriptAndExecute function| scrollPlateToTop function| scrollWindowToTop function| initPopovers function| initTooltips function| initPlaceholders function| initTCPACheckbox function| initMaskFields function| initEditableFields function| initMaskElement function| initNewMaskFields function| initValidateFields function| initWindowUnloadEventExceptions function| initWindowUnloadEvent function| initDatePicker function| initRetreaver function| initKeyAssist function| initAutocomplete function| initLiveChat function| formatElementId function| addTestIdInElement function| checkIfTestIdIsRepeated function| initTestID function| initPlateButtons function| initStateLoaderAnimation function| initTactileRadioButtonSet function| initRadioButtonSet function| initJSONPlateButtons function| initStructuredJSONPlateButtons function| initPlateProgress function| initFingerprint function| initResultModal function| initSliders function| initAccordions function| initAccordionsOnRadioToggle function| invokeAccordion function| showVehicleButton function| resetCheckedValuesForHiddenAccordion function| initMainFormElements function| initAttentions function| revalidateAllAttentionsAndChain function| initPlateHashes function| verifyRecaptchaToken function| tcpaCheckbox function| initBackButton function| initNavigateBackHistorySession function| initComplianceBox function| initToggleSelectors function| initHealthComplianceBox function| initPolicyBasedOpenPlatButton function| initCustomRangeSlider function| initPrubrandedPlate function| isHandHeldDevice function| submitPatchRequest function| submitPlateRequest function| getClickListings function| getPlateServicesQuotes function| getPlateServicesAds function| trackResultsPageVisit function| requestLumicoQuote function| updateReqBodyWithQuoteId function| updateRumContext function| CreateGuid object| Validator object| Formatter function| _typeof boolean| windowIsDefined number| triggerNextClickMutex string| PLATE_BUTTON_LOADING_HTML function| $ function| jQuery function| Inputmask object| bowser function| Slider function| Fingerprint2 function| Cleave object| FraudDetector object| SmartTouch object| DD_RUM object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| addDataDogRumContext object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| uetq function| Krux object| versaTagObj string| hasoffers_domain function| ndp object| _tfa object| revjet object| recaptcha object| closure_lm_301135 object| LeadiDconfig object| LeadiD object| gaplugins object| gaGlobal object| gaData object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| UET function| UET_init function| UET_push object| ueto_fe611097e6 object| $jscomp function| $jscomp$lookupPolyfilledValue object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| TiktokAnalyticsObject object| ttq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording string| label string| id boolean| sensitiveData object| defaultStyleFrame function| TiktokJelly object| _jelly_sdks undefined| oneTagObj function| ebDecode object| bsResponseObj function| clarity function| gtag object| A object| regeneratorRuntime string| II11I11II111I11II1I11II1II1II string| II11II11II1I111II111II1I1I1I1

44 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOj27Me8BxbqiQi00hevpuF8tQVo2KkLHxMoVjZS194hVN_VAi5BNBL-uQolRp5O7nLXiSxs65B26bomS-X_d7E
carinsurance.net/ Name: path_split_auto
Value: auto_legacy
carinsurance.net/ Name: test_split_auto_payfone_call_api
Value: control
carinsurance.net/ Name: test_split_auto_payfone_use_api_response
Value: control
carinsurance.net/ Name: test_split_auto_payfone_prefill_pn
Value: control
carinsurance.net/ Name: test_split_auto_control_wifi_no_mail_SPO857
Value: control
carinsurance.net/ Name: test_split_auto_payfone_auth_flow_always_call_identity
Value: control
carinsurance.net/ Name: test_split_auto_legacy_path_credit_pull_tcpa_pf_454
Value: show
carinsurance.net/ Name: test_split_auto_contact_preference_spo_1478
Value: control
carinsurance.net/ Name: test_split_digital_trustedsite_spo1561
Value: control
carinsurance.net/ Name: retreaver_id
Value: WG1wek5DbEgwNjJjOE9XRmNzYnJxY282SUJhSjZyN3l2WGRsTzBJZUR5ND0tLXg1aWRFWWljNXZBbElWTUIvOXl2Y3c9PQ%3D%3D--7a31a7ff5d545bb2943fad39bc9adb6e2664b731
carinsurance.net/ Name: insurance
Value: bd4511016e6f1939f492d82746ea5b7e
carinsurance.net/ Name: _dd_s
Value: rum=0&expire=1662991356493
.carinsurance.net/ Name: _ga
Value: GA1.2.438906733.1662990457
.carinsurance.net/ Name: _gid
Value: GA1.2.1359338104.1662990457
.carinsurance.net/ Name: _dc_gtm_UA-73253617-8
Value: 1
.bing.com/ Name: MUID
Value: 36D6B858AF306C66147CAA45AE416D5D
.carinsurance.net/ Name: _uetsid
Value: 75f3427032a111ed98b5c96287ac8758
.carinsurance.net/ Name: _uetvid
Value: 75f3651032a111eda37411416bac956b
.carinsurance.net/ Name: _fbp
Value: fb.1.1662990456898.1369520530
.facebook.com/ Name: fr
Value: 0n11xvMAqVXxURVdm..BjHzh4...1.0.BjHzh4.
carinsurance.net/ Name: trustedsite_visit
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.revjet.com/ Name: trx
Value: 5115666977950832932
carinsurance.net/ Name: leadid_token-8AA3F211-CA81-3833-51B1-095D2985DA90-CF934278-B099-EB50-BF86-105A165FCB4E
Value: C0A78340-D6CE-69AF-4E6E-EF1E8C6317F8
.tiktok.com/ Name: _ttp
Value: 2EfdE521fBWTttVBfmbpR8GLDnW
.carinsurance.net/ Name: _tt_enable_cookie
Value: 1
.carinsurance.net/ Name: _ttp
Value: 7935071a-b65c-4370-b8e3-30a062f8607f
bs.serving-sys.com/ Name: OT_1073744595
Value: 1
.serving-sys.com/ Name: OT2
Value: 1000Hj1rb5
.serving-sys.com/ Name: u2
Value: e6724207-603d-49cc-b423-cf9233f5cbf24IL060
.krxd.net/ Name: _kuid_
Value: PExzEgmy
www.clarity.ms/ Name: CLID
Value: d1b900135f684a838257b70767c1ea9c.20220912.20230912
www.trustedsite.com/ Name: AWSALBCORS
Value: cwpyiiyusFEwJ/s6ba3BmfziaTnlvpIGbMXFXpap6W9da5PK1eA95tyezKKP/tt6Ysk+PFD/39uGaAxiHiCYrTT0gdmtFs50cYk0oCyUul7mQntvQp+1H58m7LIS
.carinsurance.net/ Name: _clck
Value: townxm|1|f4t|0
.deviceid.trueleadid.com/ Name: uuid
Value: bc55c765b4b341d19b5bf28a30130757
.agkn.com/ Name: ab
Value: 0001%3A4uTPIIjpZq%2FhHuvoTOMYtRXKqUhMkQjn
.carinsurance.net/ Name: _clsk
Value: 1wzc8sw|1662990458462|1|1|b.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 36D6B858AF306C66147CAA45AE416D5D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 36D6B858AF306C66147CAA45AE416D5D
.c.clarity.ms/ Name: ANONCHK
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A-S4l1i2B0bhuTpy0icB2XI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

7 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ(Line 384)
Message:
Mixed Content: The page at 'https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy#auto_legacy/Has_Car_Policy' was loaded over HTTPS, but requested an insecure script 'http://media.go2app.org/assets/js/dl.js'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/379708.gif?partner_uid=PExzEgmy
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=PExzEgmy
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
other warning
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security error URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Message:
[Report Only] Refused to create a worker from 'data:text/javascript;base64,dmFyIEEsRD0xL01hdGgubG9nKDI1MyksUT0vW15hLXphLdGPMC05Xz9dKy9nO2Z1bmN0aW9uIHcoQSl7dmFyIEQ9YXJndW1lbnRzLmxlbmd0aD4xJiZ2b2lkIDAhPT1hcmd1bWVudHNbMV0/YXJndW1lbnRzWzFdOltdO3JldHVybiBELmxlbmd0aD93KEEucmVwbGFjZShELnNoaWZ0KCksRC5zaGlmdCgpKSxEKTpBfWZ1bmN0aW9uIEIoQSxEKXtyZXR1cm4gdyhBLnRvTG93ZXJDYXNlKCksWyInIiwiIiwiPyIsIiA/ICIsInUucy4iLCJ1cyIsUSwiICJdKS50cmltKCkuc3BsaXQoL1xXKy8pLmZpbHRlcigoZnVuY3Rpb24oQSl7cmV0dXJuIUQuQVtBXX0pKX1mdW5jdGlvbiBNKCl7cmV0dXJuIE9iamVjdC5jcmVhdGUobnVsbCl9ZnVuY3Rpb24...swREJBTTBBejhtQXdRRE53TURKd01FQTg4REJBT0NBeE1vQXdZRUhnUWdBM2NEQXlrREJnUk5BeVFENHdNREtnTUVBejhEQXl3REJBT3NBd011QXdVRExRUXBBd015QXdRREhRTURNd01FQTdNREJBTVRCQzA0QXdRRGpnTURPUU1FQTZJREF6MERCQU82QXdOQUF3UURFd01EUWdNRUE3d0RBMFFEQkFNSUF3TkdBd1FEdmdNRFNRTUVCQ1FEQTFjREJRUk1BMGdEQTJzREJBTTBBd09NQXdRRUpRTURrd01FQThVREE2UURCQU9DQXdQTEF3UUVMUU1ENWdNRUF4d0RBdz09IikpKS5YKEQpO3JldHVybiJ0Ij09PVEuY2F0ZWdvcnkmJlEubz49Ljc/US5vOjB9Y2F0Y2goQSl7cmV0dXJuIDB9fShRLnRleHQpO3JldHVybiBzZWxmLnBvc3RNZXNzYWdlKHtpZDp3LHJlc3BvbnNlOkJ9KX07' because it violates the following Content Security Policy directive: "worker-src blob: *.assurance.com".
security error URL: https://carinsurance.net/auto?token=572521294-WxhahUcYvaxSZTsqrgqc8Ax-_DbLmqCgz_qB9suau2zXj2wa3nc2Br4UCtPPmcvy#auto_legacy/Has_Car_Policy
Message:
[Report Only] Refused to create a worker from 'data:text/javascript;base64,dmFyIEEsRD0xL01hdGgubG9nKDI1MyksUT0vW15hLXphLdGPMC05Xz9dKy9nO2Z1bmN0aW9uIHcoQSl7dmFyIEQ9YXJndW1lbnRzLmxlbmd0aD4xJiZ2b2lkIDAhPT1hcmd1bWVudHNbMV0/YXJndW1lbnRzWzFdOltdO3JldHVybiBELmxlbmd0aD93KEEucmVwbGFjZShELnNoaWZ0KCksRC5zaGlmdCgpKSxEKTpBfWZ1bmN0aW9uIEIoQSxEKXtyZXR1cm4gdyhBLnRvTG93ZXJDYXNlKCksWyInIiwiIiwiPyIsIiA/ICIsInUucy4iLCJ1cyIsUSwiICJdKS50cmltKCkuc3BsaXQoL1xXKy8pLmZpbHRlcigoZnVuY3Rpb24oQSl7cmV0dXJuIUQuQVtBXX0pKX1mdW5jdGlvbiBNKCl7cmV0dXJuIE9iamVjdC5jcmVhdGUobnVsbCl9ZnVuY3Rpb24...swREJBTTBBejhtQXdRRE53TURKd01FQTg4REJBT0NBeE1vQXdZRUhnUWdBM2NEQXlrREJnUk5BeVFENHdNREtnTUVBejhEQXl3REJBT3NBd011QXdVRExRUXBBd015QXdRREhRTURNd01FQTdNREJBTVRCQzA0QXdRRGpnTURPUU1FQTZJREF6MERCQU82QXdOQUF3UURFd01EUWdNRUE3d0RBMFFEQkFNSUF3TkdBd1FEdmdNRFNRTUVCQ1FEQTFjREJRUk1BMGdEQTJzREJBTTBBd09NQXdRRUpRTURrd01FQThVREE2UURCQU9DQXdQTEF3UUVMUU1ENWdNRUF4d0RBdz09IikpKS5YKEQpO3JldHVybiJ0Ij09PVEuY2F0ZWdvcnkmJlEubz49Ljc/US5vOjB9Y2F0Y2goQSl7cmV0dXJuIDB9fShRLnRleHQpO3JldHVybiBzZWxmLnBvc3RNZXNzYWdlKHtpZDp3LHJlc3BvbnNlOkJ9KX07' because it violates the following Content Security Policy directive: "worker-src blob: *.assurance.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60ede17b9dc1b52ae71f0257.endpoint.csper.io
aa.agkn.com
ads.nextdoor.com
ads.revjet.com
analytics.tiktok.com
api.trustedform.com
assets.assurance.com
b.clarity.ms
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c.bing.com
c.clarity.ms
c1.ox-bio.com
carinsurance.net
cdn.assurance.com
cdn.krxd.net
cdn.taboola.com
cdn.trustedform.com
cdn.ywxi.net
cdnjs.cloudflare.com
connect.facebook.net
consumer.krxd.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
idsync.rlcdn.com
kr.ixiaa.com
media.go2app.org
pix.revjet.com
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
stags.bluekai.com
stats.g.doubleclick.net
tracking.carinsurance.net
trc-events.taboola.com
trc.taboola.com
usermatch.krxd.net
www.carinsurance.net
www.clarity.ms
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.trustedsite.com
global.ib-ibi.com
kr.ixiaa.com
media.go2app.org
104.96.159.57
13.224.189.127
13.225.78.28
13.225.84.206
13.225.85.121
13.32.99.57
141.226.228.48
142.250.74.194
151.101.1.44
151.101.2.133
18.66.97.47
199.68.195.197
2.22.89.169
20.234.93.27
20.75.32.255
2600:9000:21f3:ea00:14:6bfc:5740:93a1
2600:9000:223d:9400:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2606:4700::6811:190e
2620:1ec:27::cafe:1959
2620:1ec:c11::200
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.124.40.150
34.102.145.72
34.197.244.247
34.235.183.60
35.244.174.68
44.241.90.245
52.215.16.237
52.218.152.80
52.46.151.131
52.51.237.18
52.59.153.178
54.187.80.122
54.200.110.156
54.85.58.125
54.88.241.216
65.108.205.23
65.21.233.17
95.101.27.14
0114a3678bd59afbeaaea51ab321b38b75601040f0dd0d7b460b875c5cb2ca41
0455b6324a96907c087b40bb2dbf708bde24df95b7976dd46d39ae74176d42a5
061e0a9cd479f98068c3ea96d6159a1f9f1459ecf8f3a1b234470dd130ab1860
07cf06d7fe036a2b5a35756641daea3f6347167c036dab11d0ecedf5984ef4d0
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc
09b0329beec430dcd89d8c1921eb8aa58f5be35e06eda2939e906d210993c412
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c5912af460c5565cb2d8e70d3bd0365f1afbb88b6ab43e90f310a401c8dd139
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1
26f53e669738c7f3480463145eb499f10c9a158ff4c7e79ff3bd31dd0707d60d
286f5afc6d312e1dfe7966d39b7b8fda8a3cc4ca939df32ce5764b6392c9792c
28d503bfec76a3b13f2f7733b4819013712326adc99c863bf4c96980e36e81ab
2c178845b1dce0d9c8ed05ef12de434e07facdf0a08cfd8b6dc0b51b25313ba2
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4348043b538e067d6005728e4019442091cd911a1194fd1d9cb4c2dde8a004bb
439072effbc41147849505d7f158a704f42c3d119d1efb871273f92cc016f45d
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
4dfe071cfba8c01d4dda21471e0680c8227f4c9c1284d5e6083b81137f8cfbfd
4ea3f7aece0698a0dcb031494b5cda7bede672f6f519089c7f577f08167a5b38
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
55577367a3c1ec34e2bc5d206aecd32a33df3699a273a036194db80b9810ad42
56bd23a2b119fa32184f524d60bcf19655ae2fb4fc6287cbcc19e879c1614583
57cdb901af2ad7f45530c9285412e4da588ed7eb7f456001f4ad69a39c3d72c8
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1
64e7f24d0ff547489600f62a513701166df07d6bf1e5dcdb87e1ef6ae2956daf
67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458
6a0f16d06bf9ac41309a737c1a0dbf17f5b0d85457a9a3ac0f5e19ef9fc07e5f
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
7092e0687c721eaac768874134f3badafa0470df2bb9d197ade1094f468eae11
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a0da447f2fb7e1202b741ec1419ab1f05b582574395ab9331885482a6b3acba
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
7e34663ea599b29b1404ec0adb15372c203b0b81d7a11fbda413f0613ac71d85
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874c1974fbc90526cad17d7578ef78aa3801100d0a61198c3723097ed9de87ce
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87792716f5eabbf122dc3c4c9487684f8195a7560a129226a176c07590e62ea2
8fb73dd6ca507503bf643848c39462bc542c3a42ea945a0d201e50225ea14b22
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997f7e108656ce5be4f101e5ebe0acc5b78ec29dfa15b99793d13dbbe93bb2de
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc14441141e54cffe5b74896183a86204b0dd710da5e969347dfef5efee9494
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ffb70a606fd3790d9bc16e75ca7c76f8c3c5296884e48dc75ddc4960719caf
a497a9cea07e131f28563a94939a15358e5f694bd3eaeee3695da24f3417357b
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a4c037b9a593a788961d8c3529d0e457c18e225c65416e91947c445680b9d9bb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b5b71f9ccc5a2cdb004213082af57fbbc487825d63d7e12ad92b3eadc09debff
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bd422930f61f00fd79ea87d5745f7a539345a588828cfd42cab57a43f2e1f885
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5996152404045ab9a67dc06120b3d8a9b3553bc10f78efd75a67e7c2e5c6be9
c66159fd842deb4cf345fd55f21626f9f0b9608a1df3d04f23f5b8f4728d657f
c6c9bb9d9be05ad800b38b7b01982ba397ffbc49fe088ed14c4d57d034306e03
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da0d9e333fa09f0fa126842170a5d2bc508fb85a6dec357cca75ca356e03380b
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef72b746c89c5f7ea09103e880059c4cd88b7045ec2a09bb658b569625f4115b
f159347e7db254b448a1e0eb6e7c72157822090c8f50a74b7c01e02eb59e3e16
f356bfb56fdff6b9ee5226a25eedc63236a68635f75fc14cc8b3cc85b4ba5888
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b