www.geico.com Open in urlscan Pro
104.111.245.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBER=2ab1cae810cfa1c6fb...
Effective URL:
https://www.geico.com/
Submission: On July 20 via manual (July 20th 2020, 12:10:17 pm UTC) from US

Summary HTTP 67 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 18 domains to perform 67 HTTP transactions. The main IP is 104.111.245.152, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.geico.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 4th 2019. Valid for: 2 years.

This is the only time www.geico.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	157.52.243.251 157.52.243.251	46573 (LAYER-HOST) (LAYER-HOST)
2	206.214.74.6 206.214.74.6	62904 (EONIX-COM...) (EONIX-COMMUNICATIONS-ASBLOCK-62904)
4	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
21	104.111.245.152 104.111.245.152	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a02:26f0:10c... 2a02:26f0:10c:387::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	34.240.64.134 34.240.64.134	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:149e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.217.23.134 172.217.23.134	15169 (GOOGLE) (GOOGLE)
1	143.204.201.13 143.204.201.13	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
2	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1	54.76.90.77 54.76.90.77	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:f800:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:c200:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	34.72.38.229 34.72.38.229	15169 (GOOGLE) (GOOGLE)
1	35.223.68.91 35.223.68.91	15169 (GOOGLE) (GOOGLE)
8	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.192.39.196 35.192.39.196	15169 (GOOGLE) (GOOGLE)
67	23

1 157.52.243.251 (Los Angeles, United States)

ASN46573 (LAYER-HOST, US)

t.singian.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.214.74.6 (Las Vegas, United States)

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US)

megaclay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.111.245.152 (Netherlands)

ASN16625 (AKAMAI-AS, US)

www.geico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:10c:387::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd309.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.64.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:149e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2992003.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.152.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

geico.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)

sadobeanalytics.geico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.90.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

geico.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f800:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:c200:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.72.38.229 (United States)

ASN15169 (GOOGLE, US)

geico-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.68.91 (Mountain View, United States)

ASN15169 (GOOGLE, US)

geico-sync.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn0thecsujsizknzd-geico.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.192.39.196 (United States)

ASN15169 (GOOGLE, US)

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	geico.com www.geico.com sadobeanalytics.geico.com	356 KB
9	quantummetric.com cdn.quantummetric.com geico-app.quantummetric.com geico-sync.quantummetric.com rl.quantummetric.com	69 KB
8	qualtrics.com zn0thecsujsizknzd-geico.siteintercept.qualtrics.com	5 KB
5	adobedtm.com assets.adobedtm.com	103 KB
4	doubleclick.net 2 redirects fls.doubleclick.net stats.g.doubleclick.net 2992003.fls.doubleclick.net	1 KB
4	demdex.net 1 redirects dpm.demdex.net geico.demdex.net	3 KB
4	googletagmanager.com www.googletagmanager.com	123 KB
3	branch.io cdn.branch.io api2.branch.io	24 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	48 KB
2	megaclay.com megaclay.com	6 KB
1	akstat.io 684dd309.akstat.io	201 B
1	app.link app.link	751 B
1	omtrdc.net geico.tt.omtrdc.net	451 B
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	176 B
1	singian.org t.singian.org	452 B
67	18

	Domain	Requested by
21	www.geico.com	megaclay.com www.geico.com
8	zn0thecsujsizknzd-geico.siteintercept.qualtrics.com	cdn.quantummetric.com
6	geico-app.quantummetric.com	cdn.quantummetric.com
5	assets.adobedtm.com	assets.adobedtm.com
4	www.googletagmanager.com	megaclay.com assets.adobedtm.com www.googletagmanager.com
3	dpm.demdex.net	1 redirects www.geico.com
2	api2.branch.io	cdn.quantummetric.com
2	sadobeanalytics.geico.com	cdn.quantummetric.com
2	2992003.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	megaclay.com	megaclay.com
1	rl.quantummetric.com	cdn.quantummetric.com
1	684dd309.akstat.io	s.go-mpulse.net
1	geico-sync.quantummetric.com	cdn.quantummetric.com
1	app.link	cdn.branch.io
1	geico.tt.omtrdc.net	cdn.quantummetric.com
1	cm.everesttech.net	1 redirects
1	geico.demdex.net	assets.adobedtm.com
1	www.google.de	www.geico.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	cdn.branch.io	t.singian.org
1	fls.doubleclick.net	assets.adobedtm.com
1	cdn.quantummetric.com	assets.adobedtm.com
1	s.go-mpulse.net	www.geico.com
1	t.singian.org
67	27

This site contains links to these domains. Also see Links.

Domain
ecams.geico.com
geico.app.link
commercial.geico.com
itunes.apple.com
play.google.com
media.geico.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.geico.com Trustwave Organization Validation SHA256 CA, Level 1	`2019-09-04` - `2021-09-03`	2 years	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
sadobeanalytics.geico.com DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-16`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-28` - `2021-02-13`	2 years	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.geico.com/
Frame ID: D0C653E58C314CF8C987EF3F1251E1EF
Requests: 56 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Frame ID: E246182FDD032EBA13EAD3AFA43870EB
Requests: 2 HTTP requests in this frame

Frame: https://2992003.fls.doubleclick.net/activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;~oref=https%3A%2F%2Fwww.geico.com%2F
Frame ID: E3BF32A133F5733F42B909E281D4DC21
Requests: 1 HTTP requests in this frame

Frame: https://geico.demdex.net/dest5.html?d_nsid=0
Frame ID: 9C680A453B73944A0C49A9E39A8B9C19
Requests: 1 HTTP requests in this frame

Frame: https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247004205&z=1&S=0&N=0&P=0
Frame ID: 635FC63D5168838E1A7D2EEDDB27B23F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBE... Page URL
http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881 Page URL
https://www.geico.com/ Page URL

Page Statistics

67
Requests

96 %
HTTPS

44 %
IPv6

18
Domains

27
Subdomains

23
IPs

7
Countries

757 kB
Transfer

2640 kB
Size

14
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://ecams.geico.com/express?action=ID_CARD&traceback=static_exp_id
Title: Get ID Cards

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=VEHICLE&traceback=static_exp_veh
Title: Add A Vehicle

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=PAPERLESS&traceback=static_exp_paperless
Title: Go Paperless

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/activation?traceback=static
Title: Create Online Account

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationPanelReportaClaim
Title: Report a Claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationPanelViewClaim
Title: View a Claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationClaimsGetERS
Title: Get Roadside Help

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInfoPanelReportGlassDamage
Title: Report Glass Damage

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=PAY_AND_ENROLL&traceback=static_exp_pay
Title: Make a payment

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/ecams/login
Title: login

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/ForgotUserId.aspx
Title: User ID

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/ForgotPassword.aspx
Title: password

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/Register.aspx
Title: Sign up for online access

Search URL Search Domain Scan URL

URL: https://geico.app.link/StaticLogInPanelReportIncident
Title: Report an incident

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticLogInPanelTrackClaim
Title: Track a claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticLogInReportGlass
Title: Report glass-only damage

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeRequestERS
Title: Request roadside assistance

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeReportAnIncident
Title: Report an Incident

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeTrackClaim
Title: Track a claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeReportGlassDamage
Title: Report glass-only damage

Search URL Search Domain Scan URL

URL: https://geico.app.link/static/GEICOApp?~campaign=Campaign:Static:HomePage:Default
Title: award winning app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/id331763096
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.geico.mobile
Title:

Search URL Search Domain Scan URL

URL: https://media.geico.com/legal/privacy_policy.htm
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geico

Search URL Search Domain Scan URL

URL: https://twitter.com/geico

Search URL Search Domain Scan URL

URL: https://www.instagram.com/geico/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/geico/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GEICO

Search URL Search Domain Scan URL

URL: https://media.geico.com/legal/cookie_policy.html
Title: cookie policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBER=2ab1cae810cfa1c6fb8863c40e8b&src=MAILCNS32&RSD=6770&RMID=AC_CNS_LFC_20200710&RRID=0d3338c437656158fff89321590ea121df5840c335\n&p1=%40QWudvw3BgjuXKtB0pjKHgXDec%3D Page URL
http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881 Page URL
https://www.geico.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1595247003236 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1595247003236

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1435410136&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geico.com%2F&dr=http%3A%2F%2Fmegaclay.com%2Fclicks%3Fcid%3D26118%26pub%3D201675%26sid1%3D634187%26sid2%3Dksfjk%26sid3%3D%26sid4%3D%26lp%3D7881&ul=en-us&de=UTF-8&dt=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGDAAUAB~&jid=1611490464&gjid=1999663492&cid=1349799055.1595247004&tid=UA-34118221-1&_gid=1772985456.1595247004&_r=1&gtm=2ou783&z=1013148103 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_gid=1772985456.1595247004&gjid=1999663492&_v=j83&z=1013148103 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_v=j83&z=1013148103 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_v=j83&z=1013148103&slf_rd=1&random=2748337919

Request Chain 37

https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;~oref=https%3A%2F%2Fwww.geico.com%2F HTTP 302
https://2992003.fls.doubleclick.net/activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;~oref=https%3A%2F%2Fwww.geico.com%2F

Request Chain 40

https://cm.everesttech.net/cm/dd?d_uuid=84680153334766816750952617785005151389 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxWJmwAAAmcY4y3-

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
t.singian.org/r/ 186 B
452 B 1039ms
577ms Document
text/html 157.52.243.251
LAYER-HOST

General

Check archive.org

Show headers Download Go to

Full URL: http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBER=2ab1cae810cfa1c6fb8863c40e8b&src=MAILCNS32&RSD=6770&RMID=AC_CNS_LFC_20200710&RRID=0d3338c437656158fff89321590ea121df5840c335\n&p1=%40QWudvw3BgjuXKtB0pjKHgXDec%3D
Protocol: HTTP/1.1
Server: 157.52.243.251 Los Angeles, United States, ASN46573 (LAYER-HOST, US),
Reverse DNS
Software: /
Resource Hash: ca18c36797dc3dda451d35f33bcbe76b4f417bb14b40737ff2b01a0e1ad51512

Request headers

Host: t.singian.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 20 Jul 2020 12:10:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Encoding: gzip

GET
H/1.1 200
OK clicks Show response
megaclay.com/ 5 KB
6 KB 458ms
384ms Document
text/html 206.214.74.6
EONIX-COMMUNICATI...

General

Check archive.org

Show headers Download Go to

Full URL: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881
Protocol: HTTP/1.1
Server: 206.214.74.6 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
Software: nginx/1.10.3 / PHP/5.4.45
Resource Hash: 3b8beacdd740aef4906ede0ded74a28b11ab3727f53afe81e501c6853ef49633

Request headers

Host: megaclay.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBER=2ab1cae810cfa1c6fb8863c40e8b&src=MAILCNS32&RSD=6770&RMID=AC_CNS_LFC_20200710&RRID=0d3338c437656158fff89321590ea121df5840c335\n&p1=%40QWudvw3BgjuXKtB0pjKHgXDec%3D
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBER=2ab1cae810cfa1c6fb8863c40e8b&src=MAILCNS32&RSD=6770&RMID=AC_CNS_LFC_20200710&RRID=0d3338c437656158fff89321590ea121df5840c335\n&p1=%40QWudvw3BgjuXKtB0pjKHgXDec%3D

Response headers

Server: nginx/1.10.3
Date: Mon, 20 Jul 2020 12:10:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.45

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 58 KB
23 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: megaclay.com
URL: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dead9c79e40d654c025197a8b44c2c9b6da5e338b909aa5bd32a59d69971b248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23519
x-xss-protection: 0
expires: Mon, 20 Jul 2020 12:10:02 GMT

POST
H/1.1 200
OK index.php
megaclay.com/ 145 B
337 B 362ms
362ms XHR
text/html 206.214.74.6
EONIX-COMMUNICATI...

General

Check archive.org

Show headers Download Go to

Full URL: http://megaclay.com/index.php
Requested by: Host: megaclay.com
URL: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881
Protocol: HTTP/1.1
Server: 206.214.74.6 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
Software: nginx/1.10.3 / PHP/5.4.45
Resource Hash

Request headers

Referer: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 20 Jul 2020 12:10:02 GMT
Server: nginx/1.10.3
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 Primary Request / Show response
www.geico.com/ 90 KB
20 KB 548ms
271ms Document
text/html 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/

Requested by

Host: megaclay.com
URL: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

0fa83b45af87a11aca435075dc37471866019517252c3c2b6f96c7bf20bee2e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.geico.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://megaclay.com/clicks?cid=26118&pub=201675&sid1=634187&sid2=ksfjk&sid3=&sid4=&lp=7881

Response headers

status: 200
server: Apache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
link: <https://assets.adobedtm.com>; rel=preconnect <https://www.googletagmanager.com>; rel=preconnect <https://dpm.demdex.net>; rel=preconnect <https://vt.myvisualiq.net>; rel=preconnect <https://t.myvisualiq.net>; rel=preconnect <https://p.tvpixel.com>; rel=preconnect <https://d.turn.com>; rel=preconnect <https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js>; rel=preload; as=script <https://www.googletagmanager.com/gtag/js?id=AW-1071224235>; rel=preload; as=script <https://assets.adobedtm.com>;rel="preconnect",<https://cdn.quantummetric.com>;rel="preconnect",<https://cdn.branch.io>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Incapsula
x-iinfo: 11-98610776-98646673 SNNN RT(1595246763347 238609) q(0 0 0 1) r(2 2) U5
x-akamai-transformed: 9 17315 0 pmb=mRUM,2
expires: Mon, 20 Jul 2020 12:10:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Jul 2020 12:10:02 GMT
content-length: 18619
set-cookie: visid_incap_1684653=MO1zjeeQTGCu16iTMTOw85mJFV8AAAAAQUIPAAAAAADhCnH5SmS4/vyzQ/O7k/JN; expires=Mon, 19 Jul 2021 13:46:28 GMT; HttpOnly; path=/; Domain=.geico.com; Secure; SameSite=None incap_ses_874_1684653=lFGdaHmnu0Wxr+c8ahIhDJqJFV8AAAAASJb2V2/PASCtreZ4wOZBLQ==; path=/; Domain=.geico.com; Secure; SameSite=None AKA_A2=A; expires=Mon, 20-Jul-2020 13:10:02 GMT; path=/; domain=geico.com; secure; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=36 origin; dur=157

GET
H2 200 launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js Show response
assets.adobedtm.com/ 266 KB
79 KB 32ms
10ms Script
application/x-javascript 2a02:26f0:10c:387::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:387::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6bebb7e726087e11d14f25e9526fe93ae1f87a346e118ec0d0db3d057a98b981

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 19:56:01 GMT
server: AkamaiNetStorage
etag: "8d2aeff7e5460b565056f990ac893e16:1595015761.051146"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 80907
expires: Mon, 20 Jul 2020 13:10:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
33 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071224235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f51a579b0da8f54181cc607e32a08eec5706b0df037366b76d27904bc0b25a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34148
x-xss-protection: 0
expires: Mon, 20 Jul 2020 12:10:03 GMT

GET
H2 200 cache-base-css.php
www.geico.com/public/css/design6/ 258 KB
35 KB 66ms
63ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/css/design6/cache-base-css.php

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c4b646a4bece318102ad45cc1f545e86c587de00ce25ce67d788e3db74b6f104

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 13-137738289-137738290 SNNN RT(1595242225116 361773) q(0 0 0 -1) r(2 2) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 35171
x-xss-protection: 1; mode=block
server: Apache
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css;charset=UTF-8
cache-control: max-age=3600

GET
H2 200 geico.com.css
www.geico.com/public/css/design6/ 28 KB
5 KB 1ms
0ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/css/design6/geico.com.css

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c462e24e2e3a3794abc1ea3a135a5e5213bee6e211a118111676db98db77f439

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 12-79842971-80079842 SNNN RT(1595241160692 1425466) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=14
vary: Accept-Encoding
content-length: 4980
x-xss-protection: 1; mode=block
x-akamai-http2-push: 1
last-modified: Mon, 20 Jul 2020 11:35:23 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 main.css
www.geico.com/public/css/homepage/design6/ 40 KB
6 KB 2ms
0ms Stylesheet
text/css 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/css/homepage/design6/main.css

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

a9940035298d2ee1f53975d91e0121aa4680bdada8097b94ef838e06df8a119c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 4-54293358-54293359 SNNN RT(1595242567878 18338) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=37
vary: Accept-Encoding
content-length: 6181
x-xss-protection: 1; mode=block
x-akamai-http2-push: 1
last-modified: Mon, 20 Jul 2020 10:57:30 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 gecko-side.jpg
www.geico.com/public/layout_images/homepage/design6/ 11 KB
12 KB 69ms
65ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/layout_images/homepage/design6/gecko-side.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

e132a6fa42a04e17b952a155520660e26c6e7277c309dee420a5797ae66866c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1595242604
x-content-type-options: nosniff
x-im-result-width: 250
status: 200
x-image-server-response: request-2511299-31546311-2ccab914
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11444
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Wed, 20 Feb 2019 15:32:36 GMT
server: Akamai Image Server
x-image-server-cpu-real: 30
date: Mon, 20 Jul 2020 12:10:03 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 250
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 11797

GET
H2 200 geicoApp-AppStoreDL.jpg
www.geico.com/public/images/aboutgeico/mobile/ 2 KB
2 KB 72ms
68ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/images/aboutgeico/mobile/geicoApp-AppStoreDL.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1595242588
x-content-type-options: nosniff
x-im-result-width: 101
status: 200
x-image-server-response: request-2055506-77052935-34e86c8
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1986
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Mon, 20 Jul 2020 10:50:58 GMT
server: Akamai Image Server
x-image-server-cpu-real: 7
date: Mon, 20 Jul 2020 12:10:03 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 101
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 3100

GET
H2 200 geicoApp-GooglePlayDL.jpg
www.geico.com/public/images/aboutgeico/mobile/ 2 KB
2 KB 75ms
71ms Image
image/jpeg 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/public/images/aboutgeico/mobile/geicoApp-GooglePlayDL.jpg

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-image-server-store-time: 1595242590
x-content-type-options: nosniff
x-im-result-width: 99
status: 200
x-image-server-response: request-1698648-61513900-6788aae
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2018
x-xss-protection: 1; mode=block
x-image-server-product: AIC
last-modified: Mon, 20 Jul 2020 10:50:58 GMT
server: Akamai Image Server
x-image-server-cpu-real: 32
date: Mon, 20 Jul 2020 12:10:03 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-im-original-width: 99
cache-control: no-transform, max-age=3600
content-type: image/jpeg
x-image-server-original-size: 2878

GET
H2 200 cache-base-js.php Show response
www.geico.com/public/scripts/design6/ 361 KB
73 KB 66ms
66ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/design6/cache-base-js.php

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

718cf54c1703629cccc46d1a8b0f1a28fbdbb4c104a509b04f4be4eb0dc6998c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 5-86755724-86755725 NNNN CT(3089 90 0) RT(1595242586806 1) q(0 0 31 -1) r(53 53) U5
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 73952
x-xss-protection: 1; mode=block
server: Apache
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600

GET
H2 200 jquery.cookie.js Show response
www.geico.com/public/scripts/jquery/ 4 KB
2 KB 0ms
0ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/jquery/jquery.cookie.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 12-80081021-80079842 SNNN RT(1595242586183 93) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 1174
x-xss-protection: 1; mode=block
x-akamai-http2-push: 1
last-modified: Mon, 20 Jul 2020 10:58:19 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 global.js Show response
www.geico.com/public/scripts/design6/ 41 KB
8 KB 2ms
0ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/design6/global.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

30fc486e49a9fa1188cbcb3c408995edcad15520c57046f1ae07025bfbf1b2a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 14-104619542-104619543 SNNN RT(1595242575921 10543) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=88
vary: Accept-Encoding
content-length: 8106
x-xss-protection: 1; mode=block
x-akamai-http2-push: 1
last-modified: Mon, 20 Jul 2020 10:59:16 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 homepage.js Show response
www.geico.com/public/scripts/design6/ 40 KB
7 KB 3ms
0ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/design6/homepage.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

412fc52552222644135583568cee07100f4de1e08faf156879865e1d6facf67e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 2-25356805-25356806 SNNN RT(1595242586222 167) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=17
vary: Accept-Encoding
content-length: 6743
x-xss-protection: 1; mode=block
x-akamai-http2-push: 1
last-modified: Mon, 20 Jul 2020 10:59:32 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 _Incapsula_Resource Show response
www.geico.com/ 117 KB
17 KB 108ms
104ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=993045781

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

a29acde2f9e4a7a9310967504937dd69b61a5150294417127d08c9fd1c9c9fa7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
status: 200
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=12
content-length: 17194
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:03 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-security-policy: frame-ancestors 'self'
x-robots-tag: noindex
expires: Mon, 20 Jul 2020 12:10:03 GMT

GET
H2 200 LBAJ4-7RCLK-J6VHB-MN55E-J4AYH Show response
s.go-mpulse.net/boomerang/ Frame E246 187 KB
47 KB 31ms
8ms Script
application/javascript 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Requested by: Host: www.geico.com
URL: https://www.geico.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: br
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 47928

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 lato-normal-400-latin.woff2
www.geico.com/public/design-kit/4.0/fonts/ 26 KB
26 KB 71ms
65ms Font
font/woff2 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/fonts/lato-normal-400-latin.woff2

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.geico.com/public/css/design6/cache-base-css.php
Origin: https://www.geico.com

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 14-178151364-178167788 SNNN RT(1595242586816 62580) q(0 1 1 1) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 25670
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jul 2020 13:21:29 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 lato-normal-700-latin.woff2
www.geico.com/public/design-kit/4.0/fonts/ 25 KB
25 KB 68ms
68ms Font
font/woff2 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/fonts/lato-normal-700-latin.woff2

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.geico.com/public/css/design6/cache-base-css.php
Origin: https://www.geico.com

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 3-46805928-46809041 SNNN RT(1595242586923 62609) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 25025
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jul 2020 13:21:29 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 geico.ttf
www.geico.com/public/design-kit/4.0/fonts/ 76 KB
43 KB 74ms
74ms Font
font/ttf 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/design-kit/4.0/fonts/geico.ttf?r5709x

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

26ee44830b733e22d021f3d079412473dbefa536d2301869762f95cf9376ea07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.geico.com/public/css/design6/cache-base-css.php
Origin: https://www.geico.com

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 14-178177559-178177560 SNNN RT(1595242680042 31656) q(0 1 1 -1) r(2 2) U5
server-timing: cdn-cache; desc=HIT, edge; dur=2
vary: Accept-Encoding
content-length: 43928
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jul 2020 13:21:29 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1595247003236
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1595247003236

364 B
1 KB

77ms
76ms

XHR
application/json

34.240.64.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1595247003236

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.64.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

554392061111094893fc4f072499ee120df1900a9e56a15b5b6085a46adc35ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v075-0698b2b19.edge-irl1.demdex.com 5.74.0.20200706134429 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: zGZ2mBiJR3k=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.geico.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 300
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.geico.com
X-TID: Ab5kDOZuTvo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1595247003236
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EXf99aaca6ab2d4726b35bfc912b7dadf9-libraryCode_source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/ 76 KB
21 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:10c:387::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/EXf99aaca6ab2d4726b35bfc912b7dadf9-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:387::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 174ee0c66273f80a743482b11fd1a9bcd8debb12ee326c17d198714a2ba79cb4

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 19:56:02 GMT
server: AkamaiNetStorage
etag: "bd14d2cfc794029f6a18aa69b8b958eb:1595015762.087623"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 21277
expires: Mon, 20 Jul 2020 13:10:03 GMT

GET
H2 200 quantum-geico.js Show response
cdn.quantummetric.com/qscripts/ 279 KB
68 KB 76ms
46ms Script
text/javascript 2606:4700:10::ac43:149e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-geico.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76a37f826da68269c316fb739b7d48a1dedf1f282bd4053cf764bc1220788402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000
cf-ray: 5b5c93aa9f081f11-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 040dba9ea200001f11de84d200000001

GET
H2 200 RCb179f660f8ad46e6bea230cf758beb08-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/ 1 KB
894 B 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:387::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/RCb179f660f8ad46e6bea230cf758beb08-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:387::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 10c7eca3ff24ecec8f3855035ed88ec114f6f19c937deed9bc8c5b032067366a

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 19:56:02 GMT
server: AkamaiNetStorage
etag: "bd14d2cfc794029f6a18aa69b8b958eb:1595015762.087623"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 649
expires: Mon, 20 Jul 2020 13:10:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
33 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f181a6ef4c6d613adcf5812c7b6a7fa7d115ccb6e6d1f311d2b00133941362e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34148
x-xss-protection: 0
expires: Mon, 20 Jul 2020 12:10:03 GMT

GET
H2 200 RC3cf6ee41c47f43f48107cff337696840-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/ 331 B
456 B 11ms
10ms Script
application/x-javascript 2a02:26f0:10c:387::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/RC3cf6ee41c47f43f48107cff337696840-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:387::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c1dc047e080ca61b38b172f6d98e0b5a833ba576e2e8ebce9a5cdca2c98fd5eb

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 19:56:02 GMT
server: AkamaiNetStorage
etag: "bd14d2cfc794029f6a18aa69b8b958eb:1595015762.087623"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 212
expires: Mon, 20 Jul 2020 13:10:03 GMT

GET
H2 200 geolocation.js Show response
www.geico.com/public/scripts/ 3 KB
1 KB 0ms
0ms XHR
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/geolocation.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/scripts/design6/cache-base-js.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

15599a3af2dbebca8c47fd27216370057bc0f3d10bcf3160949d1a114147cc50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.geico.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 13-98211881-98221574 SNNN RT(1595242586216 66933) q(0 0 0 1) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=18
vary: Accept-Encoding
content-length: 936
x-xss-protection: 1; mode=block
x-akamai-http2-push: 1
last-modified: Mon, 20 Jul 2020 10:57:35 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 _Incapsula_Resource
www.geico.com/ 1 B
466 B 142ms
142ms Image
text/plain 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geico.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6231861908481058

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Mon, 20 Jul 2020 12:10:03 GMT
x-frame-options: sameorigin
content-type: text/plain
status: 200
cache-control: max-age=0, no-cache, no-store
content-security-policy: frame-ancestors 'self'
server-timing: cdn-cache; desc=MISS, edge; dur=18, origin; dur=6
x-robots-tag: noindex
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 20 Jul 2020 12:10:03 GMT

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
722 B 195ms
68ms Script
text/javascript 172.217.23.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=2992003&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=8353262937974

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/EXf99aaca6ab2d4726b35bfc912b7dadf9-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 77 KB
23 KB 249ms
64ms Script
text/javascript 143.204.201.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: t.singian.org
URL: http://t.singian.org/r/?u=KW1t/M2RxZW101x3Wcb/1MtxvWS3JjSxid=h54cb031d,1eded3d0,1f1cf246&RR_NUMBER=2ab1cae810cfa1c6fb8863c40e8b&src=MAILCNS32&RSD=6770&RMID=AC_CNS_LFC_20200710&RRID=0d3338c437656158fff89321590ea121df5840c335\n&p1=%40QWudvw3BgjuXKtB0pjKHgXDec%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 394be884a16cb321802331c2eab3b32ead9ccdbea547437a54cac053ef6d9a70

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 20 Jul 2020 12:09:36 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 16 Jul 2020 16:24:07 GMT
Server: AmazonS3
Age: 28
ETag: "bd44566f2bed7a4ca99138ccbfeadbd6"
X-Cache: Hit from cloudfront
x-amz-version-id: rZUBs8gF8OQ7tDzWBI6p.QOWDwynt_g4
Via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
Cache-Control: max-age=300
X-Amz-Cf-Pop: FRA53-C1
Content-Type: text/javascript
Content-Length: 23160
X-Amz-Cf-Id: wxsYmnYvTbCVLoB34Uq5pX4WAr4Pz-TljCfUo2rgFcqO-Gr90-IzZg==

GET
H2 200 RC61383beaf19f4971aadf2dcbddffbe7a-source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/ 2 KB
915 B 12ms
12ms Script
application/x-javascript 2a02:26f0:10c:387::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/a20d13acfd9a/RC61383beaf19f4971aadf2dcbddffbe7a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:387::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9a4baab5aabcd1b031d4df4d78b7f812269340a745db1b6455cd3eaeb48607bf

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 19:56:02 GMT
server: AkamaiNetStorage
etag: "bd14d2cfc794029f6a18aa69b8b958eb:1595015762.087623"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 670
expires: Mon, 20 Jul 2020 13:10:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4425
date: Mon, 20 Jul 2020 10:56:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 20 Jul 2020 12:56:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
33 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-2992003&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b2dc28ad6ec2d873ac3a1f14e740c3e8ef8a36dd420534efdc3849843fae3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34170
x-xss-protection: 0
expires: Mon, 20 Jul 2020 12:10:03 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame E246 2 KB
944 B 220ms
202ms XHR
application/json 2a02:26f0:6c00:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=LBAJ4-7RCLK-J6VHB-MN55E-J4AYH&d=www.geico.com&t=5317490&v=1.571.0&if=&sl=0&si=gaoki91mu4l-NaN&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 1ae26238a00679e2ec027c406af8a57475ff08b359fee58b20317efd5229a19f

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 20 Jul 2020 12:10:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 624

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1435410136&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geico.com%2F&dr=http%3A%2F%2Fmegaclay.com%2Fclicks%3Fcid%3D26118%26pub%3D201675%26sid1%3D6341...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_gid=1772985456.1595247004&gjid=1999663492&_v=j83&z=1013148103
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_v=j83&z=1013148103
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_v=j83&z=1013148103&slf_rd=1&random=2748337919

42 B
106 B

20ms
20ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_v=j83&z=1013148103&slf_rd=1&random=2748337919

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jul 2020 12:10:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jul 2020 12:10:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1349799055.1595247004&jid=1611490464&_v=j83&z=1013148103&slf_rd=1&random=2748337919
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault...
2992003.fls.doubleclick.net/ Frame E3BF
Redirect Chain

https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefau...
https://2992003.fls.doubleclick.net/activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15...

0
0

78ms
78ms

Document
text/html

172.217.23.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2992003.fls.doubleclick.net/activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;~oref=https%3A%2F%2Fwww.geico.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-2992003&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2992003.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;~oref=https%3A%2F%2Fwww.geico.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.geico.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 20 Jul 2020 12:10:03 GMT
expires: Mon, 20 Jul 2020 12:10:03 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1476
x-xss-protection: 0
set-cookie: IDE=AHWqTUmxm7J49P700BCKOGHVq_jQJ5prCNuFLGCUvCPiLZb8g7GuZU415cye2DFE; expires=Sat, 14-Aug-2021 12:10:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 20 Jul 2020 12:10:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2992003.fls.doubleclick.net/activityi;dc_pre=CPjr7Zfm2-oCFTnluwgdItYGWg;src=2992003;type=retar660;cat=homep837;ord=1;num=3501400883496;gtm=2od783;auiddc=434037040.1595247004;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;~oref=https%3A%2F%2Fwww.geico.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set dest5.html
geico.demdex.net/ Frame 9C68 0
0 318ms
72ms Document
text/html 63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geico.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: geico.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.geico.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=84680153334766816750952617785005151389
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.geico.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 07 Jul 2020 07:46:42 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=84680153334766816750952617785005151389;Path=/;Domain=.demdex.net;Expires=Sat, 16-Jan-2021 12:10:03 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: XwAiPs91QXU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
sadobeanalytics.geico.com/ 48 B
479 B 361ms
64ms XHR
application/x-javascript 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sadobeanalytics.geico.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&mid=84946376903635726690963502286720475883&ts=1595247003635

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

d375d465db5015375862c0a458c35de0eb8bad5ccec66864fb542710b839735e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 20 Jul 2020 12:10:03 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7447d85976-29zc9
vary: Origin
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.geico.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XxWJmwAAAmcY4y3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=84680153334766816750952617785005151389
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxWJmwAAAmcY4y3-

42 B
915 B

74ms
73ms

Image
image/gif

34.240.64.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxWJmwAAAmcY4y3-

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.64.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v075-03fa8ccbe.edge-irl1.demdex.com 5.74.0.20200706134429 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: FFSHUZGqT8Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 20 Jul 2020 12:10:03 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxWJmwAAAmcY4y3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

POST
H2 200 delivery Show response
geico.tt.omtrdc.net/rest/v1/ 278 B
451 B 246ms
82ms XHR
application/json 54.76.90.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geico.tt.omtrdc.net/rest/v1/delivery?client=geico&sessionId=bd18cae057df4ec4b667b009750cc5aa&version=2.3.0
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.90.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ddb3414fc4bcdf67d020bbbd99c38310ab85189ca351405bbfc4641b2ce45040

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
content-encoding: gzip
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
x-request-id: e5d5b0fc16cb8aefd5570b6d97301c02

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
751 B 209ms
177ms Script
text/javascript 2600:9000:2057:f800:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.54.4&branch_key=key_live_cdx48HLr92TSxZjby6NtdfepDDfcfxpz&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:f800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

c19c2f74d915fbfe4668a5693d4c85ace22e9c8a42d9484138c82608b6894872

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 20 Jul 2020 12:10:03 GMT
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA6-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-MAil5OJhqd1RWmuPCGRxDGMSI1A"
X-Amz-Cf-Id: -fCmp51WbQx20F2JPF0KXmuRzQK2f7BUbmoyGo945C4KdtVpf20e5w==

POST
H2 200 open Show response
api2.branch.io/v1/ 267 B
553 B 335ms
312ms XHR
application/json 2600:9000:214f:c200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:c200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 8315cc10feeec43a72c0c136f94190927d366b65c4db42bbac3d01bda97d76f0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 267
x-amz-cf-id: kcsdkDJ3908aOcU5G42B01CfrUtC7PbN4gAWJvkwn7Os6oWD2IEeqQ==

GET
H2 200 OrchestratorMain.js Show response
www.geico.com/public/scripts/qualtrics/ 60 KB
13 KB 172ms
171ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/qualtrics/OrchestratorMain.js

Requested by

Host: www.geico.com
URL: https://www.geico.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5795c090740f40b27406c50c000e62b79d171695fdf1f3482e3c8c445eb446f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 14-119087531-119172554 SNNN RT(1595242586811 533356) q(0 0 0 -1) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=56
vary: Accept-Encoding
content-length: 12935
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jul 2020 11:05:21 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 s88459926742639
sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.20.0-LAUN/ 43 B
640 B 65ms
65ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.20.0-LAUN/s88459926742639?AQB=1&ndh=1&pf=1&t=20%2F6%2F2020%2014%3A10%3A4%201%20-120&sdid=6D9A06723C13CACC-52853CDC03335C4E&mid=84946376903635726690963502286720475883&aamlh=6&ce=UTF-8&ns=geico&pageName=Static%3AHomePage%3ADefault&g=https%3A%2F%2Fwww.geico.com%2F&r=http%3A%2F%2Fmegaclay.com%2Fclicks%3Fcid%3D26118%26pub%3D201675%26sid1%3D634187%26sid2%3Dksfjk%26sid3%3D%26sid4%3D%26lp%3D7881&cc=USD&events=event32&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=D%3Dg&c4=New&c5=2.20.0&c14=Non-Mobile%20App%20Experience&v17=D%3Dc3&v18=D%3DpageName&v19=8%3A00AM-Monday&v21=Non-Mobile%20App%20Experience&v25=D%3Dc25&c28=3.003_P&v48=nc&v64=https%3A%2F%2Fgeico.quantummetric.com%2F%23%2Fusers%2Fsearch%3Fautoreplay%3Dtrue%26qmsessioncookie%3Dundefined&c75=VisitorAPI%20Present&v77=D%3Dv0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:03 GMT
x-content-type-options: nosniff
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 21 Jul 2020 12:10:04 GMT
server: jag
xserver: anedge-7447d85976-hz6w2
etag: 3425766855696285696-4614262684858295363
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 19 Jul 2020 12:10:04 GMT

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame 635F 90 B
425 B 492ms
158ms XHR
application/json 34.72.38.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247004205&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.38.229 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

4bc58c9faf5958af9c45f3b15b74348d8fb5e2f949d33527b658a54b59280c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
geico-sync.quantummetric.com/ Frame 635F 0
164 B 865ms
370ms XHR
application/json 35.223.68.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247004220&z=2&Q=1&Y=1&X=9e304859d77148b24d2aad9fdac61e08

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.223.68.91 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:05 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
content-length: 0

POST
H2 204 /
684dd309.akstat.io/ 0
201 B 279ms
277ms Other
image/gif 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd309.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 20 Jul 2020 12:10:04 GMT
status: 204
content-type: image/gif
access-control-allow-origin: https://www.geico.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 20 Jul 2020 12:10:04 GMT

POST
H2 200 Targeting.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 280ms
186ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0ThecsUJSizKNzD&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff8106f996f190fe72144a2cfc2c09402ab680147417d45c457cf39ee6f748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.geico.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 5b5c93b16a55f142-ARN
vary: Accept-Encoding
cf-request-id: 040dbaa2dc0000f142b49f9200000001

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
361 B 180ms
180ms XHR
application/json 2600:9000:214f:c200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:c200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 29
x-amz-cf-id: aifswOzPUXIOFYw9K6z63SmjAZdppdpHiYSZjC2vvVDqGHnpAxBU3Q==

GET
H2 200 CoreModule.js Show response
www.geico.com/public/scripts/qualtrics/ 78 KB
21 KB 73ms
73ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/qualtrics/CoreModule.js?Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/scripts/qualtrics/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

fb10a63cc1f79596994baf9c2e845744582e38be145c4d43e57897d99834b633

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 13-98658326-98658329 SNNN RT(1595245008879 436) q(0 0 0 -1) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=7
vary: Accept-Encoding
content-length: 21485
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jul 2020 11:38:08 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 LinkModule.js Show response
www.geico.com/public/scripts/qualtrics/ 3 KB
1 KB 92ms
90ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/qualtrics/LinkModule.js?Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/scripts/qualtrics/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

2d24cd6ee39a330516d2e0f3abf9729e67ce15d7eeecf1adc7ce93e365c63050

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 14-96069896-96079752 SNNN RT(1595242587905 64335) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=21
vary: Accept-Encoding
content-length: 1000
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jul 2020 10:57:32 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 FeedbackButtonModule.js Show response
www.geico.com/public/scripts/qualtrics/ 114 KB
33 KB 121ms
119ms Script
application/javascript 104.111.245.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geico.com/public/scripts/qualtrics/FeedbackButtonModule.js?Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.geico.com
URL: https://www.geico.com/public/scripts/qualtrics/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.245.152 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ffc50e3b06d8910b1ac8af917df38e5289fbbd58efa5465213ba57f6d6963626

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 14-178151364-178186900 SNNN RT(1595242586816 146099) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=44
vary: Accept-Encoding
content-length: 33388
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jul 2020 10:59:03 GMT
server: Akamai Resource Optimizer
x-frame-options: sameorigin
date: Mon, 20 Jul 2020 12:10:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
831 B 141ms
67ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ebrThfvrduW3xsh&Version=13&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8051b725af0f7c07b8f87ab8cfc0bf686d2bcf2e26b61be4b23c2edbd3ebde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 292453
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 040dbaa43b000015f4fa3e7200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 15 Jul 2030 02:55:51 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 5b5c93b39bd115f4-ARN
servershortname

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
618 B 141ms
68ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6PeYmRlS2YFT301&Version=1&Q_InterceptID=SI_ebrThfvrduW3xsh&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b35e5b5a026a91af332e36dc7cd923e97c06635c1f344d4b304987a51e792b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 434097
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 040dbaa43c000015f4fa3ea200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Sat, 13 Jul 2030 11:35:07 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 5b5c93b39bd615f4-ARN
servershortname

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 131ms
58ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0lne77E50rZSyl7&Version=11&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d7feca25e8b2985be268afba959951211c104c037a6ae5b48399ed3ca8dec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 314781
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 040dbaa43c000015f4fa3e8200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Sun, 14 Jul 2030 20:43:43 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 5b5c93b39bd315f4-ARN
servershortname

GET
H2 200 Asset.php Show response
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 222 B
307 B 142ms
68ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_bDysCase0gxgEbb&Version=1&Q_InterceptID=SI_0lne77E50rZSyl7&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5255af40c47d3009505994f334490cfac6102425238909c52cc1c437ed096272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 247701
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 040dbaa43c000015f4fa3e9200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.geico.com
expires: Mon, 15 Jul 2030 15:21:43 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: true
cf-ray: 5b5c93b39bd415f4-ARN
servershortname

GET
H2 200 / Show response
geico-app.quantummetric.com/ Frame 635F 28 B
246 B 158ms
158ms XHR
application/json 34.72.38.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?s=002571673b4087de51a017213310e8fe&H=524f0a63363b05a456618421&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.38.229 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

GET
H2 200 /
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 0
0 177ms
176ms Image
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_bDysCase0gxgEbb&Q_SIID=SI_0lne77E50rZSyl7&Q_ASID=AS_9WZFaoG0wFV632t&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs&r=1595247004826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 wr-dialog-close-btn-white.png
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 254 B
551 B 54ms
54ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1447044
cf-polished: origSize=759
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
content-length: 254
cf-request-id: 040dbaa4ae0000f142b4a0f200000001
last-modified: Wed, 17 Jun 2020 01:59:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 5b5c93b44f07f142-ARN
servershortname
expires: Mon, 01 Jul 2030 18:12:40 GMT

GET
H2 200 /
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 0
0 199ms
199ms Image
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6PeYmRlS2YFT301&Q_SIID=SI_ebrThfvrduW3xsh&Q_ASID=AS_76884371&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs&r=1595247004829
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geico.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame 635F 0
166 B 159ms
158ms XHR
application/json 34.72.38.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247004880&H=524f0a63363b05a456618421&s=002571673b4087de51a017213310e8fe&U=26773b673fb2a79b3ea39b0d7936e23c&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.38.229 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:04 GMT
server: nginx
status: 200
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame 635F 0
166 B 167ms
167ms XHR
application/json 34.72.38.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247005054&H=524f0a63363b05a456618421&s=002571673b4087de51a017213310e8fe&z=1&S=1520&N=9&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.38.229 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:05 GMT
server: nginx
status: 200
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST
H2 200 hash-check Show response
rl.quantummetric.com/geico/ Frame 635F 2 B
124 B 481ms
159ms XHR
text/plain 35.192.39.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rl.quantummetric.com/geico/hash-check
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.192.39.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Mon, 20 Jul 2020 12:10:06 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.geico.com
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame 635F 0
166 B 159ms
159ms XHR
application/json 34.72.38.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247009220&H=524f0a63363b05a456618421&s=002571673b4087de51a017213310e8fe&z=1&S=12327&N=32&P=2

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.38.229 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:09 GMT
server: nginx
status: 200
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST
H2 200 / Show response
geico-app.quantummetric.com/ Frame 635F 0
166 B 159ms
158ms XHR
application/json 34.72.38.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1595247004117&v=1595247009387&H=524f0a63363b05a456618421&s=002571673b4087de51a017213310e8fe&z=1&Q=2&S=7005&N=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.38.229 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jul 2020 12:10:09 GMT
server: nginx
status: 200
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.geico.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 15:26:39	Name: demdex Value: 84680153334766816750952617785005151389
.doubleclick.net/	1970-01-19 11:07:27	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 13:17:03	Name: _fbp Value: fb.1.1595247003912.1844422936
.doubleclick.net/	1970-01-19 11:08:53	Name: _uetsid Value: 642da33e0d6ec56123cdd10602b65221
.geico.com/	1970-01-20 04:41:31	Name: mbox Value: PC#bd18cae057df4ec4b667b009750cc5aa.37_0#1658491804\|session#bd18cae057df4ec4b667b009750cc5aa#1595248864
.www.geico.com/	1970-01-19 11:17:31	Name: RT Value: "sl=1&ss=1595247002454&tt=1649&obo=0&bcn=%2F%2F684dd309.akstat.io%2F&sh=1595247004108%3D1%3A0%3A1649&dm=www.geico.com&si=7ec19add-d2f3-4a4a-90de-2791f0fa49a6&ld=1595247004108"
.geico.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-19 11:30:51	Name: _uetvid Value: 2ae5f4a2868ffb47c3127ace083c19e0
.geico.com/	1970-01-19 11:07:28	Name: utm_gpv_pageName Value: Static%3AHomePage%3ADefault
.geico.com/	1970-01-19 11:50:39	Name: s_nr Value: 1595247004098-New
.geico.com/	1970-01-20 04:38:39	Name: AMCV_71FF20B3534568190A490D45%40AdobeOrg Value: -408604571%7CMCIDTS%7C18464%7CMCMID%7C84946376903635726690963502286720475883%7CMCAAMLH-1595851803%7C6%7CMCAAMB-1595851803%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1595254204s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18471%7CvVersion%7C4.6.0
.geico.com/	1969-12-31 23:59:59	Name: AMCVS_71FF20B3534568190A490D45%40AdobeOrg Value: 1
.geico.com/	1970-01-20 04:38:39	Name: gvid Value: 84946376903635726690963502286720475883
.geico.com/	1970-01-20 04:38:39	Name: s_ecid Value: MCMID%7C84946376903635726690963502286720475883

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2992003.fls.doubleclick.net
684dd309.akstat.io
api2.branch.io
app.link
assets.adobedtm.com
c.go-mpulse.net
cdn.branch.io
cdn.quantummetric.com
cm.everesttech.net
dpm.demdex.net
fls.doubleclick.net
geico-app.quantummetric.com
geico-sync.quantummetric.com
geico.demdex.net
geico.tt.omtrdc.net
megaclay.com
rl.quantummetric.com
s.go-mpulse.net
sadobeanalytics.geico.com
stats.g.doubleclick.net
t.singian.org
www.geico.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com
104.111.245.152
104.17.208.240
143.204.201.13
15.188.154.177
157.52.243.251
172.217.23.134
206.214.74.6
2600:9000:2057:f800:19:9934:6a80:93a1
2600:9000:214f:c200:11:f728:3040:93a1
2606:4700:10::ac43:149e
2a00:1450:4001:800::2003
2a00:1450:4001:814::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9b
2a02:26f0:10c:387::1e80
2a02:26f0:6c00:181::11a6
2a02:26f0:6c00:192::11a6
34.240.64.134
34.72.38.229
35.192.39.196
35.223.68.91
54.76.90.77
63.32.152.233
66.117.28.86
0fa83b45af87a11aca435075dc37471866019517252c3c2b6f96c7bf20bee2e7
10c7eca3ff24ecec8f3855035ed88ec114f6f19c937deed9bc8c5b032067366a
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
15599a3af2dbebca8c47fd27216370057bc0f3d10bcf3160949d1a114147cc50
174ee0c66273f80a743482b11fd1a9bcd8debb12ee326c17d198714a2ba79cb4
1ae26238a00679e2ec027c406af8a57475ff08b359fee58b20317efd5229a19f
20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4
26ee44830b733e22d021f3d079412473dbefa536d2301869762f95cf9376ea07
2d24cd6ee39a330516d2e0f3abf9729e67ce15d7eeecf1adc7ce93e365c63050
2f181a6ef4c6d613adcf5812c7b6a7fa7d115ccb6e6d1f311d2b00133941362e
30fc486e49a9fa1188cbcb3c408995edcad15520c57046f1ae07025bfbf1b2a0
394be884a16cb321802331c2eab3b32ead9ccdbea547437a54cac053ef6d9a70
3b8beacdd740aef4906ede0ded74a28b11ab3727f53afe81e501c6853ef49633
40d7feca25e8b2985be268afba959951211c104c037a6ae5b48399ed3ca8dec5
412fc52552222644135583568cee07100f4de1e08faf156879865e1d6facf67e
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
4bc58c9faf5958af9c45f3b15b74348d8fb5e2f949d33527b658a54b59280c87
4f51a579b0da8f54181cc607e32a08eec5706b0df037366b76d27904bc0b25a5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
5255af40c47d3009505994f334490cfac6102425238909c52cc1c437ed096272
554392061111094893fc4f072499ee120df1900a9e56a15b5b6085a46adc35ca
5795c090740f40b27406c50c000e62b79d171695fdf1f3482e3c8c445eb446f9
63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e
6bebb7e726087e11d14f25e9526fe93ae1f87a346e118ec0d0db3d057a98b981
6ff8106f996f190fe72144a2cfc2c09402ab680147417d45c457cf39ee6f748f
718cf54c1703629cccc46d1a8b0f1a28fbdbb4c104a509b04f4be4eb0dc6998c
76a37f826da68269c316fb739b7d48a1dedf1f282bd4053cf764bc1220788402
7b2dc28ad6ec2d873ac3a1f14e740c3e8ef8a36dd420534efdc3849843fae3e3
8315cc10feeec43a72c0c136f94190927d366b65c4db42bbac3d01bda97d76f0
8b35e5b5a026a91af332e36dc7cd923e97c06635c1f344d4b304987a51e792b3
9a4baab5aabcd1b031d4df4d78b7f812269340a745db1b6455cd3eaeb48607bf
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a29acde2f9e4a7a9310967504937dd69b61a5150294417127d08c9fd1c9c9fa7
a9940035298d2ee1f53975d91e0121aa4680bdada8097b94ef838e06df8a119c
c19c2f74d915fbfe4668a5693d4c85ace22e9c8a42d9484138c82608b6894872
c1dc047e080ca61b38b172f6d98e0b5a833ba576e2e8ebce9a5cdca2c98fd5eb
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c462e24e2e3a3794abc1ea3a135a5e5213bee6e211a118111676db98db77f439
c4b646a4bece318102ad45cc1f545e86c587de00ce25ce67d788e3db74b6f104
ca18c36797dc3dda451d35f33bcbe76b4f417bb14b40737ff2b01a0e1ad51512
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
d375d465db5015375862c0a458c35de0eb8bad5ccec66864fb542710b839735e
ddb3414fc4bcdf67d020bbbd99c38310ab85189ca351405bbfc4641b2ce45040
dead9c79e40d654c025197a8b44c2c9b6da5e338b909aa5bd32a59d69971b248
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e132a6fa42a04e17b952a155520660e26c6e7277c309dee420a5797ae66866c2
e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8051b725af0f7c07b8f87ab8cfc0bf686d2bcf2e26b61be4b23c2edbd3ebde9
fb10a63cc1f79596994baf9c2e845744582e38be145c4d43e57897d99834b633
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffc50e3b06d8910b1ac8af917df38e5289fbbd58efa5465213ba57f6d6963626

www.geico.com Open in urlscan Pro 104.111.245.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

67 Requests

96 %HTTPS

44 %IPv6

18 Domains

27 Subdomains

23 IPs

7 Countries

757 kBTransfer

2640 kBSize

14 Cookies

30 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geico.com Open in urlscan Pro
104.111.245.152 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

44 %
IPv6

18
Domains

27
Subdomains

23
IPs

7
Countries

757 kB
Transfer

2640 kB
Size

14
Cookies

67 HTTP transactions
1 data transactions