assurance.com Open in urlscan Pro
18.66.122.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dk465e480ccpv.talk-target.com/prv/uPH-MY3bRbLMOyHO_eEjhMIyjMw08tLFMdUsScfGC5v_Bca2pB_clL5ZsrJYWXPO-G4LqoaxdcaVdZZ01EdVyAaupdDg...
Effective URL:
https://assurance.com/licenses
Submission: On May 12 via api (May 12th 2023, 1:37:36 am UTC) from BE — Scanned from DE

Summary HTTP 80 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 26 domains to perform 80 HTTP transactions. The main IP is 18.66.122.65, located in United States and belongs to AMAZON-02, US. The main domain is assurance.com. The Cisco Umbrella rank of the primary domain is 320238.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 1st 2023. Valid for: 7 months.

This is the only time assurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.246.216.167 91.246.216.167	209767 (SAMTECO) (SAMTECO)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.65 18.66.122.65	16509 (AMAZON-02) (AMAZON-02)
11	13.32.99.34 13.32.99.34	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:9e00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.103 13.225.83.103	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	52.218.205.136 52.218.205.136	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	34.203.56.164 34.203.56.164	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:7a00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.73 143.204.215.73	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	199.68.195.198 199.68.195.198	19626 (EVC-AS) (EVC-AS)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	23.38.98.27 23.38.98.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:48:1... 2620:1ec:48:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	54.86.112.18 54.86.112.18	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	54.149.70.87 54.149.70.87	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.23.67 13.32.23.67	16509 (AMAZON-02) (AMAZON-02)
1	3.220.50.246 3.220.50.246	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
80	32

1 91.246.216.167 (Romania) 1 redirects

ASN209767 (SAMTECO, RO)

dk465e480ccpv.talk-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.yebotzki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-65.fra60.r.cloudfront.net

assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net

cdn.assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:9e00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.205.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.203.56.164 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-56-164.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:7a00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-73.fra53.r.cloudfront.net

assets.assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.68.195.198 (Sandys Parish, Bermuda)

ASN19626 (EVC-AS, BM)

c1.ox-bio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.98.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-27.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.86.112.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-112-18.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.70.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-70-87.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-67.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.50.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-50-246.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	assurance.com assurance.com — Cisco Umbrella Rank: 320238 cdn.assurance.com — Cisco Umbrella Rank: 365185 assets.assurance.com — Cisco Umbrella Rank: 420053	133 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	454 KB
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 14444	5 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 26896 cdn.trustedform.com — Cisco Umbrella Rank: 30358	42 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1059 e.clarity.ms — Cisco Umbrella Rank: 20225 c.clarity.ms — Cisco Umbrella Rank: 1586	22 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 390 c.bing.com — Cisco Umbrella Rank: 254	15 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 720	100 KB
4	ox-bio.com c1.ox-bio.com — Cisco Umbrella Rank: 409825	23 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	29 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	115 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	172 KB
2	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 11177	13 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	82 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	2 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 16423	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5171	408 B
1	trustedsite.com www.trustedsite.com — Cisco Umbrella Rank: 18099	999 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	347 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22336	39 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1714	45 KB
1	yebotzki.com 1 redirects www.yebotzki.com — Cisco Umbrella Rank: 685686	730 B
1	talk-target.com 1 redirects dk465e480ccpv.talk-target.com	231 B
80	26

	Domain	Requested by
11	cdn.assurance.com	assurance.com cdn.trustedform.com
8	create.leadid.com	www.datadoghq-browser-agent.com deviceid.trueleadid.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	analytics.tiktok.com	assurance.com analytics.tiktok.com
4	bat.bing.com	assurance.com bat.bing.com
4	c1.ox-bio.com	www.googletagmanager.com assurance.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	assurance.com www.gstatic.com www.google.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	assurance.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com assurance.com
2	cdn.trustedform.com	assurance.com api.trustedform.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	www.googletagmanager.com	cdn.assurance.com www.googletagmanager.com
2	cdn.ywxi.net	assurance.com
2	cdnjs.cloudflare.com	assurance.com cdnjs.cloudflare.com
2	fonts.googleapis.com	assurance.com
1	c.bing.com	1 redirects
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	e.clarity.ms	www.datadoghq-browser-agent.com
1	www.google.de	assurance.com
1	www.trustedsite.com	cdn.ywxi.net
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	region1.google-analytics.com	www.googletagmanager.com
1	assets.assurance.com	assurance.com
1	create.lidstatic.com	cdn.assurance.com
1	www.datadoghq-browser-agent.com	assurance.com
1	assurance.com
1	www.yebotzki.com	1 redirects
1	dk465e480ccpv.talk-target.com	1 redirects
80	34

This site contains links to these domains. Also see Links.

Domain
www.prudential.com
policies.google.com

Subject Issuer	Validity	Valid
*.assurance.com Amazon RSA 2048 M02	`2023-03-01` - `2023-10-10`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.ywxi.net Amazon RSA 2048 M01	`2023-02-22` - `2023-08-03`	5 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-18` - `2023-05-19`	3 months	crt.sh
ox-bio.com QuoVadis Global SSL ICA G2	`2022-06-30` - `2023-07-14`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.trustedsite.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://assurance.com/licenses
Frame ID: 9908B87D8C6E60EF611A87A2BD90C5C6
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9hc3N1cmFuY2UuY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=kc3pzpuwsh5g
Frame ID: DD6D67FCDC35D386A53F9AB4887D736B
Requests: 7 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3F45377B-040F-F94D-FDF4-0F88717FF051&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: C4DC7023F026C802477D5D36FE678B7D
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=3F45377B-040F-F94D-FDF4-0F88717FF051&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: CEFF04AEF0990ADA31530180857D0A01
Requests: 2 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 7B2E7CA0428EB868D676A04AC2BC36F0
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/snapshot
Frame ID: 054A6C49C5B88A4049E38636AA325119
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Licenses | Assurance

Page URL History Show full URLs

https://dk465e480ccpv.talk-target.com/prv/uPH-MY3bRbLMOyHO_eEjhMIyjMw08tLFMdUsScfGC5v_Bca2pB_clL5ZsrJYWXPO-G4Lqoax... HTTP 302
https://www.yebotzki.com/B8F8DJJN/6BS7SC6/?uid=697&sub1=GUOLW3QN657CA56SCON5N2KLRG57RI7R574BYFABYBGNR... HTTP 302
https://assurance.com/licenses Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

80
Requests

98 %
HTTPS

55 %
IPv6

26
Domains

34
Subdomains

32
IPs

6
Countries

1329 kB
Transfer

3445 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.prudential.com/links/about/accessibility-form
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dk465e480ccpv.talk-target.com/prv/uPH-MY3bRbLMOyHO_eEjhMIyjMw08tLFMdUsScfGC5v_Bca2pB_clL5ZsrJYWXPO-G4LqoaxdcaVdZZ01EdVyAaupdDgacbYJkl06jFjlxVc0KSF-OTueBKQkvlmRYOa8GfDFVZAgXhbTOi9OUxvDpoO8Ht4qqh7y02Ywr_AfdZ77DStZhYh9m89OO3oxvH-E HTTP 302
https://www.yebotzki.com/B8F8DJJN/6BS7SC6/?uid=697&sub1=GUOLW3QN657CA56SCON5N2KLRG57RI7R574BYFABYBGNRCBX62SQ%3D%3D%3D%3D&sub2=929623&sub3=254832620 HTTP 302
https://assurance.com/licenses Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false

Request Chain 64

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=12FEC22FD7004FB8B87E5DB427352E4E&RedC=c.clarity.ms&MXFR=1814312EB9B26BD4261F2221BDB26566 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12FEC22FD7004FB8B87E5DB427352E4E&MUID=1B7BF9EFC7B5628917E1EAE0C6676308

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request licenses Show response
assurance.com/
Redirect Chain

https://dk465e480ccpv.talk-target.com/prv/uPH-MY3bRbLMOyHO_eEjhMIyjMw08tLFMdUsScfGC5v_Bca2pB_clL5ZsrJYWXPO-G4LqoaxdcaVdZZ01EdVyAaupdDgacbYJkl06jFjlxVc0KSF-OTueBKQkvlmRYOa8GfDFVZAgXhbTOi9OUxvDpoO8Ht...
https://www.yebotzki.com/B8F8DJJN/6BS7SC6/?uid=697&sub1=GUOLW3QN657CA56SCON5N2KLRG57RI7R574BYFABYBGNRCBX62SQ%3D%3D%3D%3D&sub2=929623&sub3=254832620
https://assurance.com/licenses

29 KB
30 KB

494ms
423ms

Document
text/html

18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-65.fra60.r.cloudfront.net

Software

Resource Hash

3f384b0339182689cea443d95d895013a6a1d24955ce3606bbad3da73073c054

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; connect-src * data: blob: 'unsafe-inline' 'report-sample'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self' assurance.com .assurance.com assurance.dev .assurance.dev ; worker-src 'self' data: blob: cdn.trustedform.com; object-src 'self' ftp-assurance.s3.amazonaws.com; report-uri https://60ede17b9dc1b52ae71f0257.endpoint.csper.io?v=10;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

assur-appversion: 1.0.820
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; connect-src * data: blob: 'unsafe-inline' 'report-sample'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self' assurance.com *.assurance.com assurance.dev *.assurance.dev ; worker-src 'self' data: blob: cdn.trustedform.com; object-src 'self' ftp-assurance.s3.amazonaws.com; report-uri https://60ede17b9dc1b52ae71f0257.endpoint.csper.io?v=10;
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 01:37:28 GMT
etag: W/"3f384b0339182689cea443d95d895013"
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-id: WTtzY2FMh3tPx1I1KNZCUa6CJZlXGHH0cyGaez3uf_JzrZVFWsRUPw==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-request-id: 6b5a8e50-4635-44ec-b019-fc0d4eb798b8
x-runtime: 0.037346
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c5eefc67d921e68-FRA
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 01:37:28 GMT
location: https://assurance.com/licenses
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Icb1NLXyiOrvxO2ZsZcefzp9pmhurxBtYRe48f7g1LK92aJg%2BHHltmvU21g1zpSsrw%2F5fDJNYqPf8BmQDM0oOcIRLE6lrJKtPNwgL4pPt20kXqrXBZblZFuLUlCfZkMZG3KErfK%2F4djtfCVl0PFP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-eflow-request-id: b21dfe3e-2349-43ab-b7d2-a742df1b7eed

GET
H2 200 home-185588cac7fe29a9739fdfcb18782869071de55159de50dc17e2d5444551afd4.css
cdn.assurance.com/insurance/public/assets/ 133 KB
23 KB 78ms
11ms Stylesheet
text/css 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/home-185588cac7fe29a9739fdfcb18782869071de55159de50dc17e2d5444551afd4.css
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba4f340b68a3bd2feeb3f0fa0183ee7a6a065c70dced010c7b441bf1a4875fd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:38:54 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 12:09:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 43115
x-amz-server-side-encryption: AES256
etag: W/"07510b97b58bcc9cd6ab027710e2f972"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: IIbQqNnt99oUAL9VapOkbYstSltlSrZSi7WA1x5_7PcxSeTrR459Kg==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 180ms
62ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700,900

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bde63497824d0e8def3b1002068f212c8f4c1710dac5826296e9c969f5241647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 01:01:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 01:37:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
498 B 181ms
63ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 00:44:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 01:37:28 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 52ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 281743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZR6hlpcgN%2Fu%2FCJGZ0zLtZPbq0Ynai9j54Sj%2Fr7jwkXF5sPshlAh5jH5cu5bOQGZJ88rnF%2B6GSYlVnOG82N3AwfH582EO5p4%2F96qALM5J3GoFunHD0pQQHe%2FgDWooQ27x8jv%2BFQ5QkqYLMyoqBsQIsxQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5eefcabc4d3837-FRA
expires: Wed, 01 May 2024 01:37:28 GMT

GET
H2 200 utility-f7bb4f5bcc1b94a573b2556bcc5d55da20e91c40622bd57ab96ef504a03f98f5.js Show response
cdn.assurance.com/insurance/public/assets/customer/ 8 KB
3 KB 76ms
10ms Script
application/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/utility-f7bb4f5bcc1b94a573b2556bcc5d55da20e91c40622bd57ab96ef504a03f98f5.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 439072effbc41147849505d7f158a704f42c3d119d1efb871273f92cc016f45d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 06:03:14 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 22:18:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 70455
x-amz-server-side-encryption: AES256
etag: W/"6660fa8121eeb5a907f7439b1ea10edb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UMLhkeyGNYttxjldLThHw-aSESd0ks1jSdVWEyKZE6XzG3NLCuez_A==

GET
H2 200 recaptcha_v3_home-7062501380ccfb1c0b98c774b0da1f86f0785aa5c2da88efd4f72cbcd7528280.js Show response
cdn.assurance.com/insurance/public/assets/ 485 B
866 B 76ms
10ms Script
application/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/recaptcha_v3_home-7062501380ccfb1c0b98c774b0da1f86f0785aa5c2da88efd4f72cbcd7528280.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34e35a0c605372344d2f5c5f6d022f4368074b6680e281d50cdc1d6ec6400828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 13:38:54 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 12:09:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 43115
x-amz-server-side-encryption: AES256
etag: "4b4b3d9b5c8e178702a67435b3d584fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 485
x-amz-cf-id: JYdiBao2LfyevlIbHmg9P-g1JsuSnk8VLKgzakbanE2jjmi-u7p6TA==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 942 B
923 B 175ms
63ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadRecaptcha&render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62cbfe56aeaef95ec8738e443a2bfcc05c9ab76686a5af41bbc3443323b3b574

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 1; mode=block
expires: Fri, 12 May 2023 01:37:29 GMT

GET
H2 200 gtm-8e8463e4a63039e052c525edd7b33e519381d0255fb8269376ab59cd12a025c4.js Show response
cdn.assurance.com/insurance/public/assets/install/assurance/ 326 B
689 B 22ms
21ms Script
application/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/assurance/gtm-8e8463e4a63039e052c525edd7b33e519381d0255fb8269376ab59cd12a025c4.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ba851eaa85ebd1d88d1ab7056978b61d321aac674152171bd22bb049b557b82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 20:52:38 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Thu, 11 May 2023 14:09:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 17091
etag: "984dc02b1bce1d07269931537fc5f133"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 326
x-amz-cf-id: A9ejUrJPkwZY3M8v2ZnmPTgq7DVlUuYJ1PnEC9hmf1Kzmu75Oxs9RQ==

GET
H2 200 assurance_logo-24a50b738e9aca2a52e0ffaa8efa1a0e9e8b4f92d880a2fe2ddbb04f9a97c6d0.svg
cdn.assurance.com/insurance/public/assets/logos/ 3 KB
2 KB 16ms
15ms Image
image/svg+xml 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/logos/assurance_logo-24a50b738e9aca2a52e0ffaa8efa1a0e9e8b4f92d880a2fe2ddbb04f9a97c6d0.svg
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a6f4973a197b0326c683faabaa75fc43b984592a42e20998d1f2c3ec55d1607

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:01:31 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Thu, 11 May 2023 06:11:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 66957
etag: W/"da94f998b369e0d0acddfeb2f183520d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: Mo4oWvMev2g6iizsQxfAsQWJTELjW7XcL6z9VSW6T3UKTg2vOM-WsQ==

GET
H2 200 bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
cdn.assurance.com/insurance/public/assets/icons/ 9 KB
3 KB 17ms
16ms Image
image/svg+xml 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:35:37 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Fri, 05 May 2023 19:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 14512
x-amz-server-side-encryption: AES256
etag: W/"b96ec18537d2a85fa46cfaa1fb2ed5c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ROm4DH1FU9V0xR2bPO6_RgAwtoTWif2GyUDSF6Rn3G36HoLB1V2oEQ==

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 19 KB
5 KB 54ms
7ms Script
text/javascript 2600:9000:225e:9e00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:9e00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

87c35a9091f97271c0034ba8e825c9f175b6b1c5fdf2cbb16176a99b8eba5ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 00:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2593
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4657
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B76727C13B380FE8DB9CACCC952524A507BD12186000000000000000000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: 7V-YAlZiygJkEdGPMi7GnWOF9XA4AJKGTjjxaWbSHiReLQSiVkB41g==
expires: Fri, 12 May 2023 01:54:15 GMT

GET
H2 200 leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js Show response
cdn.assurance.com/insurance/public/assets/ 327 B
698 B 9ms
9ms Script
application/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a0f16d06bf9ac41309a737c1a0dbf17f5b0d85457a9a3ac0f5e19ef9fc07e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 05:10:52 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 00:03:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 73597
x-amz-server-side-encryption: AES256
etag: "73f14ec03bfcfe3c15aeb0572ac399d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 327
x-amz-cf-id: HZ53E7KqeJD58RmbqyJnsBkFTlGFogOIjltOp18bxsKY1zBmKmGEqA==

GET
H2 200 trustedForm-4a1205758bed9df95ef0ff78d02f73edd84361c32de02c6addd014f63fde670a.js Show response
cdn.assurance.com/insurance/public/assets/ 507 B
877 B 10ms
8ms Script
application/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-4a1205758bed9df95ef0ff78d02f73edd84361c32de02c6addd014f63fde670a.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87792716f5eabbf122dc3c4c9487684f8195a7560a129226a176c07590e62ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 05:10:52 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 00:03:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 73597
x-amz-server-side-encryption: AES256
etag: "7dfc839c10f98e973592e10bccc3db71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 507
x-amz-cf-id: xkBp0eqLI8hMhheRRMQyssRf84cOba74Jfw7tJI9pnJyRcmqVyp2jw==

GET
H2 200 home-66b41ee7533a1af77ebbbfb2ab911c75c365fc07bc12cccbe71383361cd0116f.js Show response
cdn.assurance.com/insurance/public/assets/ 211 KB
63 KB 10ms
9ms Script
application/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/home-66b41ee7533a1af77ebbbfb2ab911c75c365fc07bc12cccbe71383361cd0116f.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9149b61735d8e136bd5f7d804e25fa74db60e647cd7c50a9643da60eed558f62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 20:27:27 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Thu, 11 May 2023 14:09:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 18602
etag: W/"6284bab2bd46d5a956440dba53ce579e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VW9QvQ0QGGcFd54ToNLmmR1q3vX3HBOnU-bjYdkPXMooT5ajuFCCCQ==

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 140 KB
45 KB 38ms
8ms Script
application/javascript 13.225.83.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cabb32b537dde18f9475f215217912612da4bba1457b90d102834a686a7a6d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:36:43 GMT
content-encoding: br
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 12:00:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 48
x-amz-server-side-encryption: AES256
etag: W/"06c7718fe56bcb9a1959be1a66cda6c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: 0Fek26qI5FtQpS4rgL2Warjirlns08pAWghRRIm8g8J3n2EJ03qfvA==

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 25ms
15ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://assurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:28 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6252193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j9USh1vSyWoj7oPr2azpkfvdPrAkwmTGxipFRGOuFkHBLUTscGN2bmDaDqS4BLEqee8pq4ekMGMJC9HCgzt1Tvz7QVu7FzpfMrQSIABX7DOeJQlWyxH%2Fv9gELVzrHsdC1NX%2BDu8gqJbsbh592so8eUc"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5eefcbecd52c71-FRA
expires: Wed, 01 May 2024 01:37:28 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 224ms
116ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://assurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 475579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 13:31:10 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 158ms
50ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://assurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 467744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 15:41:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 278 KB
90 KB 183ms
72ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6DSLL

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/assurance/gtm-8e8463e4a63039e052c525edd7b33e519381d0255fb8269376ab59cd12a025c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b28cf1c21fc9cd3598a3bfaeb8a56451891e8b5d93e3c50d4502f1429712478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91427
x-xss-protection: 0
last-modified: Fri, 12 May 2023 00:02:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 May 2023 01:37:29 GMT

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/assurance.com/ 167 B
995 B 581ms
198ms XHR
application/json 52.218.205.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/assurance.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.205.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c785f17405994ad469859e3932a64952c2c9676a44af0144a34ca5959fdc658e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 01:37:30 GMT
Content-Encoding: gzip
x-amz-version-id: cOi3jD_ffUAwxT_dPvTOMjkJxgCz1h7a
x-amz-request-id: ZFP2VNFESQ0WVNGW
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 148
x-amz-id-2: G+JeYD5KCnvEs0s6KCCR0AfViga/+rfBzs0hMXtOth4jM/gvefA8Df3YcvCqAFUiUutxC+clhbA=
Last-Modified: Tue, 09 May 2023 12:01:40 GMT
Server: AmazonS3
ETag: "32f522f4ba6ae876ccdf6314c2a30e3c"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://assurance.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/assurance.com/ 167 B
995 B 590ms
207ms XHR
application/json 52.218.205.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/assurance.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.205.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c785f17405994ad469859e3932a64952c2c9676a44af0144a34ca5959fdc658e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 01:37:30 GMT
Content-Encoding: gzip
x-amz-version-id: cOi3jD_ffUAwxT_dPvTOMjkJxgCz1h7a
x-amz-request-id: ZFP6357CQMNXMS3S
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 148
x-amz-id-2: jjle+iVH+On+Hbd71oXHXygts44k/dzImNjnPEmIa23WoRLVO8VR9eBH8oKiwkN8mAnO0VxZxEE=
Last-Modified: Tue, 09 May 2023 12:01:40 GMT
Server: AmazonS3
ETag: "32f522f4ba6ae876ccdf6314c2a30e3c"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://assurance.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

GET
H2 200 cf934278-b099-eb50-bf86-105a165fcb4e.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 470ms
418ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by: Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea3f7aece0698a0dcb031494b5cda7bede672f6f519089c7f577f08167a5b38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
x-amz-version-id: T1vJwZ3fBzSc5TLFcqWE7.YjAf3NMp7b
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 01:23:19 GMT
server: cloudflare
x-amz-request-id: SG85EWMTGHX1ESYB
etag: W/"4635e57a24cd38a60066de61a2e99808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7c5eefcc59ed0410-FRA
x-amz-id-2: mjm3ktYcnHD9zqwYn/qcj6/Xn8IDZy/Y0wdOvgegijIsAN7BYuzm4rMrN6xmOu8EMW3BORnyROg=

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false

7 KB
3 KB

296ms
240ms

Script
application/javascript

2600:9000:223d:7a00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Server: 2600:9000:223d:7a00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:30 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: OVze5c5CookZ-jGqpqf-B9iipjZhT4xdaYEWaDW-l9xo56gGn3iy0w==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false
date: Fri, 12 May 2023 01:37:29 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ic_close_black_24dp_2x.png
assets.assurance.com/img/icons/ 235 B
609 B 109ms
10ms Image
image/png 143.204.215.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.assurance.com/img/icons/ic_close_black_24dp_2x.png
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-73.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 14:30:14 GMT
x-amz-version-id: null
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 21:18:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 7211235
etag: "637093407c90164fe23f9a0239638b56"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
content-length: 235
x-amz-cf-id: 19yjrdP1m004HG784D_50qvh0ayO0xuzHK2lixdwZHL2MrVnsuPTrA==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 145ms
94ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://assurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:55 GMT
x-content-type-options: nosniff
age: 534154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 21:14:55 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 411 KB
165 KB 157ms
51ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptcha&render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://assurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 16:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 16:46:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 168ms
52ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DSLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 May 2023 01:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1949
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 03:05:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DSLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 01:37:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0NhqW5l/lfNi1FWZ/ueGN/F03e0zLwxhb/5c/YoSNAO6f4jgAqGx4CPAy8BpTmDUoJ1+XMxUiWZiUUixOfWljQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 t0 Show response
c1.ox-bio.com/ 23 KB
23 KB 1316ms
114ms Script
application/javascript 199.68.195.198
EVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=undefined&cid2=undefined&cid3=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DSLL
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 199.68.195.198 Sandys Parish, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software: /
Resource Hash: 5592be2ce1da50f5e290ac76e36f71187d5f3374063ebfb48b771a9af5304656

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Tue, 25 Dec 2018 14:00:00 GMT
date: Fri, 12 May 2023 01:37:30 GMT
cache-control: no-cache, must-revalidate
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 58ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 12 May 2023 01:37:28 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B5A19F94FAD4CFFB946DB0D3754CE06 Ref B: FRAEDGE2005 Ref C: 2023-05-12T01:37:29Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 175ms
110ms Script
application/javascript 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAFTG13C77U9MLGRGBQG&lib=ttq
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: eba14e059ad1c83a8b0d85b5ae83d58fca7727610f6f0b2653a058934e5fe435

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id: 3d703c2
date: Fri, 12 May 2023 01:37:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
content-length: 1425
pragma: no-cache
server: nginx
x-tt-logid: 202305120137294D6B807AAA7F7341B552
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,23.38.99.91
x-tt-trace-host: 0182666b72bd0f36c7404233a29f25a79352f670ba86ab58c5add2e09ad4043e669b61fec518202425339ba4694e8df530c0e320ecd9c2d230e9f9696a5dc1aa8f07fc0a3dd6a2372164da3458120a1cd10bb3d862bf4b2da5b3f34a55b35627e4
expires: Fri, 12 May 2023 01:37:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
83 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PZV5FSS6MS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6DSLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

405153aae2f22f4132d2cefe0d26def7c6696b3e00e80d419f01709df7022fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 01:37:29 GMT

GET
H2 200 260024085774300 Show response
connect.facebook.net/signals/config/ 302 KB
87 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260024085774300?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3b38dfd8d88a7e18056bc04c89813ebd78cd7d0149de783558f91da819571f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 01:37:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oWUyK26VhBQh8rzLFb/GDvMhLbuuIgKnMICaNkNnwI36bBq7G8SalPCAOAd/5cFGRju+g69ZIZQmo8RtOrGFVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5223060.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 104ms
104ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5223060.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

36290474b54d78fe98f5cb62987f6bf606e74624ab105126c7780ab6cd89f680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 12 May 2023 01:37:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE2D0FF178CA4256BCE19681C00E669C Ref B: FRAEDGE2005 Ref C: 2023-05-12T01:37:29Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1496

GET
H2 204 0
bat.bing.com/action/ 0
286 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=a2306943-6275-414e-9265-39c8532d7b10&sid=8e9cdbe0f06511eda26185a7b171072b&vid=8e9cd970f06511edba119709238369cb&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Licenses%20%7C%20Assurance&p=https%3A%2F%2Fassurance.com%2Flicenses&r=&lt=1280&evt=pageLoad&sv=1&rn=716399

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 May 2023 01:37:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE33FB55D76A403A83B66C2EA3971F6B Ref B: FRAEDGE2005 Ref C: 2023-05-12T01:37:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 49ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PZV5FSS6MS&gtm=45je35a0&_p=786726320&cid=2081007519.1683855449&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683855449&sct=1&seg=0&dl=https%3A%2F%2Fassurance.com%2Flicenses&dt=Licenses%20%7C%20Assurance&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PZV5FSS6MS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 01:37:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260024085774300&ev=PageView&dl=https%3A%2F%2Fassurance.com%2Flicenses&rl=&if=false&ts=1683855449457&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683855449457.391571545&it=1683855449318&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 01:37:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DD6D 50 KB
28 KB 85ms
84ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9hc3N1cmFuY2UuY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=kc3pzpuwsh5g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63cb6f92c4c14c1154c568156e30c45335c6a8ea8f0bc371273371af3057ddba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rEJjWhxEFYFMi6pyM1N4oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27916
content-security-policy: script-src 'report-sample' 'nonce-rEJjWhxEFYFMi6pyM1N4oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 01:37:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 5223060 Show response
www.clarity.ms/tag/uet/ 1016 B
1 KB 162ms
96ms Script
application/x-javascript 2620:1ec:48:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5223060
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5223060.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e9b1e457028e81c3c9f7426c52790b884338e7069cc4a8397f35cb6be2095ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 12 May 2023 01:37:28 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0WZhdZAAAAAC09zhchS4TSZ2mOU3UQGNrRlJBMjMxMDUwNDE3MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 398ms
168ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&_=453379645

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ffedbae698cac9b0ac65cef3f1320e41bd97aa9f95cbe8e94f79cafb539cec79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-73253617-2&cid=2081007519.1683855449&jid=611640163&gjid=1654816861&_gid=1812501877.1683855450&_u=YCDAiAABBAAAAE~&z=1703880518

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 May 2023 01:37:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://assurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 54ms
53ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=786726320&t=pageview&_s=1&dl=https%3A%2F%2Fassurance.com%2Flicenses&ul=en-us&de=UTF-8&dt=Licenses%20%7C%20Assurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABB~&jid=611640163&gjid=1654816861&cid=2081007519.1683855449&tid=UA-73253617-2&_gid=1812501877.1683855450&gtm=45He35a0n71T6DSLL&z=747222015

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 23:23:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWI2MzlmMWJmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 10ms
10ms Script
application/javascript 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAFTG13C77U9MLGRGBQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id: 3d703d1
date: Fri, 12 May 2023 01:37:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230510203301CDD88B3954031F410482
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017917249a0a29de065612024d68774df9461d782f266ebfa3117de0156a3fb387ffa6b6fecc8a84b4ed6d54ca8a2fe83ef9ed73a0ed5602d82b158de767ed9bb44370f823e96696717c16e7c8d3ceb3bbf9da9ce2b583c5804038d4959d5b8a3b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 67483

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
999 B 553ms
179ms Script
text/javascript 54.149.70.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=assurance.com&rand=1683855449550

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.70.87 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-70-87.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: Apache
x-trace: 2B6EF7B2C2EF3D8A1A6C86F08384012DCA82C4D854000000000000000000
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type: text/javascript; charset=utf-8
content-length: 26

GET
H2 200 202.svg
cdn.ywxi.net/meter/assurance.com/ 19 KB
8 KB 162ms
162ms Image
image/svg+xml 2600:9000:225e:9e00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/assurance.com/202.svg?ts=1683633699276&l=en

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:9e00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Miss from cloudfront
content-length: 7295
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2BDE391FA925EDBE630175E00163C767DAD1A11552000000000000000000
content-type: image/svg+xml
cache-control: public
x-amz-cf-id: -Ofou0IYT_uGq19x81CnR8eBagUEi3oF3Cbx2PFICXVNG6ofKfBt7Q==
expires: Fri, 12 May 2023 02:37:29 GMT

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
30 KB 9ms
9ms Script
application/javascript 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id: 3d703d6
date: Fri, 12 May 2023 01:37:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305102033027B7E57F9D271A3440E0D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a2d8b12e65a8b892d6b1bc8a97add759db2bc6481d77fa754665085103b56575fda461952f90d2d3c843e869bad5964c08552f1d080d40d0c9de571ee7baa15afe7c3fb347e876a328bcc4ce07fe9f35644d83c67568adf532ab2a66c90f40c4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30614

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 131ms
130ms Ping
text/plain 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7ef0ae6c.3d703da
date: Fri, 12 May 2023 01:37:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 118,23.38.99.91
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=28, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023051201372964EEE661D0223223B623
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,23.220.104.211
x-tt-trace-host: 0182666b72bd0f36c7404233a29f25a7932715aef2ca2ae2e6ceaaa1bc9cede205fbf09fbedf0520767cc37170c46b38bb660094bf2e13c62281d117f22b9ab7712eaf5d7f750e6da2a842dc87f9942164439a75b5236d3b8b1d4f19b2b50476ff2896bb4b0d414d5067586eecda2f7454
expires: Fri, 12 May 2023 01:37:29 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame DD6D 55 KB
24 KB 164ms
53ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9hc3N1cmFuY2UuY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=kc3pzpuwsh5g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 04:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 04:36:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame DD6D 411 KB
164 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 16:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 16:46:30 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
283 B 63ms
63ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-73253617-2&cid=2081007519.1683855449&jid=611640163&_u=YCDAiAABBAAAAE~&z=61687561

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 01:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 178ms
64ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-73253617-2&cid=2081007519.1683855449&jid=611640163&_u=YCDAiAABBAAAAE~&z=61687561

Requested by

Host: assurance.com
URL: https://assurance.com/licenses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 01:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 9ms
9ms Script
application/javascript 2620:1ec:48:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5223060
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:28 GMT
content-encoding: br
last-modified: Thu, 11 May 2023 16:13:04 GMT
etag: "0x8DB523A9A0D7A32"
x-azure-ref: 0WZhdZAAAAAAv/55YJKhKSa/ISbq1QDxjRlJBMjMxMDUwNDE3MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ad56aa26-f01e-0052-1c25-845233000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
293 B 335ms
95ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://assurance.com
Date: Fri, 12 May 2023 01:37:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame C4DC 3 KB
2 KB 46ms
7ms Document
text/html 13.32.23.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3F45377B-040F-F94D-FDF4-0F88717FF051&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-67.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 80862
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 11 May 2023 03:09:47 GMT
ETag: W/"643ec1f4-dbb"
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: jiIYqM7qBFBj6RlypSt1tcW9Z1ORBVt2MwapsXTJNmrvGdmNv-qLnw==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
624 B 113ms
113ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&token=3F45377B-040F-F94D-FDF4-0F88717FF051&_=453379646

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 111ms
111ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&token=3F45377B-040F-F94D-FDF4-0F88717FF051&_=453379647

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DD6D 2 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:52:14 GMT
x-content-type-options: nosniff
age: 438316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 13 May 2023 23:52:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD6D 15 KB
15 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 439735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD6D 15 KB
15 KB 50ms
49ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 460185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:47:45 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame CEFF 4 KB
2 KB 360ms
112ms Document
text/html 3.220.50.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=3F45377B-040F-F94D-FDF4-0F88717FF051&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3F45377B-040F-F94D-FDF4-0F88717FF051&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.50.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-50-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Fri, 12 May 2023 01:37:30 GMT
etag: W/"6425e809-1049"
expires: Sat, 13 May 2023 01:37:30 GMT
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DD6D 102 B
132 B 56ms
56ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9hc3N1cmFuY2UuY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=kc3pzpuwsh5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Fri, 12 May 2023 01:37:30 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame CEFF 0
627 B 327ms
112ms Script
text/javascript 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=8AA3F211-CA81-3833-51B1-095D2985DA90&lck=CF934278-B099-EB50-BF86-105A165FCB4E&methods=48&token=3F45377B-040F-F94D-FDF4-0F88717FF051&uuid=62235832350e435cad2cd772bb8f86f1

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=3F45377B-040F-F94D-FDF4-0F88717FF051&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
c1.ox-bio.com/t04/ 43 B
76 B 116ms
116ms Image
image/gif 199.68.195.198
EVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t04/?v=94216009760905680&oxtrk=141&zk=8f53064b-f065-11ed-8dec-005056ac75a7&zl=6866&ts0=1683855450704&zm=0
Requested by: Host: assurance.com
URL: https://assurance.com/licenses
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 199.68.195.198 Sandys Parish, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:30 GMT
content-length: 43
content-type: image/gif

POST
H2 201 certs Show response
api.trustedform.com/ Frame 7B2E 475 B
686 B 316ms
109ms XHR
application/json 34.203.56.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.203.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-56-164.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ea617d8b7ebff4d3a4d18d7d5b7f872c2e13f45ced8ab2aaa3fa4b3321877fba

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 May 2023 01:37:31 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=12FEC22FD7004FB8B87E5DB427352E4E&RedC=c.clarity.ms&MXFR=1814312EB9B26BD4261F2221BDB26566
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12FEC22FD7004FB8B87E5DB427352E4E&MUID=1B7BF9EFC7B5628917E1EAE0C6676308

42 B
444 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12FEC22FD7004FB8B87E5DB427352E4E&MUID=1B7BF9EFC7B5628917E1EAE0C6676308
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 01:37:30 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
server: Microsoft-IIS/10.0
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 01:37:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B07160D194E64F799D32C0204A7B6FF4 Ref B: FRAEDGE2005 Ref C: 2023-05-12T01:37:31Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12FEC22FD7004FB8B87E5DB427352E4E&MUID=1B7BF9EFC7B5628917E1EAE0C6676308
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
c1.ox-bio.com/k2/ 43 B
88 B 116ms
116ms Image
image/gif 199.68.195.198
EVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/k2/?oxtrk=141&oxuid=ASS0001&zk=8f53064b-f065-11ed-8dec-005056ac75a7&zl=6866&zm=0
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 199.68.195.198 Sandys Parish, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:31 GMT
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260024085774300&ev=Microdata&dl=https%3A%2F%2Fassurance.com%2Flicenses&rl=&if=false&ts=1683855451097&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Licenses%20%7C%20Assurance%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683855449457.391571545&it=1683855449318&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 01:37:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 trustedform-1.8.38.js Show response
cdn.trustedform.com/ 102 KB
37 KB 9ms
9ms Script
application/javascript 2600:9000:223d:7a00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16838554489690.22033556326302772&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7a00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 01:37:21 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 14
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ykr4dERsx6Blv7JkBJUPYQv_pComl2ukdRzWefWfL19aWnRY-gGiLA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/ Frame 054A 0
159 B 220ms
219ms XHR
text/plain 34.203.56.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.203.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-56-164.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 01:37:31 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 assurance_logo-24a50b738e9aca2a52e0ffaa8efa1a0e9e8b4f92d880a2fe2ddbb04f9a97c6d0.svg
cdn.assurance.com/insurance/public/assets/logos/ 3 KB
2 KB 11ms
11ms Image
image/svg+xml 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/logos/assurance_logo-24a50b738e9aca2a52e0ffaa8efa1a0e9e8b4f92d880a2fe2ddbb04f9a97c6d0.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a6f4973a197b0326c683faabaa75fc43b984592a42e20998d1f2c3ec55d1607

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:01:31 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Thu, 11 May 2023 06:11:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 66960
etag: W/"da94f998b369e0d0acddfeb2f183520d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 4c5SiavU85aA5Bo2O1PEILwEFdoVyw9WGYTPRiPXtcGICwTcP_kUjA==

GET
H2 200 bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
cdn.assurance.com/insurance/public/assets/icons/ 9 KB
3 KB 11ms
11ms Image
image/svg+xml 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:35:37 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Fri, 05 May 2023 19:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 14515
x-amz-server-side-encryption: AES256
etag: W/"b96ec18537d2a85fa46cfaa1fb2ed5c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 7gLycvbRUvQ-HuA1wK7D6-WUdvUFIQHh_QE3CU33eZiQmhTA1P1WUA==

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/ Frame 054A 0
159 B 211ms
211ms XHR
text/plain 34.203.56.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.203.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-56-164.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 01:37:31 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 204 0
bat.bing.com/action/ 0
121 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 May 2023 01:37:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F37B3F98667F43B48F245D8ECE81B644 Ref B: FRAEDGE2005 Ref C: 2023-05-12T01:37:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 119ms
119ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&token=3F45377B-040F-F94D-FDF4-0F88717FF051&_=453379648

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
c1.ox-bio.com/t01/ 43 B
65 B 118ms
117ms Image
image/gif 199.68.195.198
EVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t01/?d=mg9brdv7fY6IKj7C3+AH8pdGlO9TFcbUCr09n/UKMaQzF2KY4KMfS7DRa2BkEqfUlNGww4yxJKhYtszlKtTHqrWXV1cLGx//IEyzZ40ZeL8mfHhGc5Azvrj4FMO7I5tdf7VVF9oB9JDrhO/Ia/DQRcJY0S79u9wmwq1NFzOr/LLeOssxC+dXcMYzzH85t6r8Jzu5kU7VfEA33FIyqwrTgGE63nVUl/ExtlAcE0puOJZ8E0CnMxuJclULTRq+a8UbNwhg1GQBVJV0dSP/6a+dK5VcNqsbrOXaJVnnstsGJAdjEtxKYdKyOyJWOKT6PcL5IHSSwtyiN+ocFiHxOzeUXrwn2wqk+hWiL4ISrrS4mbV415M6xDULz0u9H+A2Y/jVF1r10JZyDMCIYJ9C6UIkkd/gbwQ58vsPlVOCoGE5Deo0t07MEzYlbkd9KIQsg5fw4CIQYFO/r9qMIRDReogsIuU+PB686JNHgm9n+b52BDCE4dUENkrLttcWz3ExEHCDJJjqs695G0xzf9y3I1Qs8naUkHGlV4lzUSi3p/8Jg4nPxpBpOlsGIcoLV0c6GJAmnSXYh0E64HJKVgVAHVfY2YnKxbYGPXUqE2Q0a1P2BoBe2BnOU1XT9ROxeNC0PSuU+rX65QVzFu3+oyJ3WPMMkMtrJeTe7hChYX4NNLdhOvq/QGVG4634adC4OiZ0sEKnOsAzqavmq5QlKAKvZZ74D7pcF3tbj1Ln5lNFmCiN8CJ0ZxJzOefWyZyrv09+kbGOEys04lJ5KHcxDg9hcIsarWkSu7mRTdJwKzVpqHeYwZcZar6oN57Szz2g6pR9tCqQ7A5z0fZRU0eHd9V95g5oHEQDHI4gVv1G2kyBIKX/7+VA6+K8ICYBKPhLUSQRXNegPa+yFFI7caO7mpKGm+WcX8wnqB2rWg0QCSHCF+rCIj+MepYSSrC2NJmgdzWVJeRgzMx7HGQkCWbfI5+L0E+trS1EngxwIquDYV8HmYFghBj+a+FTtltJXtvBRTKvJddERCotTnYXOj0VvfwteIVhCJwqtjPxoo/FPxqIkVv184sqHeO1MZXa/6ay6tqAPEd0aAuBECvGMo1wHmTMIt0gLUF8A/i+UX8XI0qcCPAncwJbj8DYeEPtb+Zcs7nYcq0ya9nyqQQO7e6+2NH8XEiydtTjRaROfZ2iKa6SG9HXgXNdzwOC1KD8Fl6jUq8aHtk2Hf4U24HBGB43TAqbk9GaD9ctGxolU5zzkFnRbNOaNyB/J7ain+w3/tKcPe5f77xVDPVUKUJahORWNm1EWJrfzJCpo2JOjE91J0/dj6fvesx2spYhBM4atB4e8naSMKvTk5R3pD5OklsOoJ+bO5FkZ7NW/8gTTEpzAgjuL1F/RtGud8WiNZL3CZavTh3S5cwAhvMT/Vo/ZF/Pmd6vK0Bg1CGFrPTNsUq/HGGPK2VzWOLISMyuO+gUQmchtlBHrwz17zkrGsNfCHIA4MOYkpSgFbUML/dSwfLHPYDz46nWLBZhpxB3GvZYMhcjoDeHi/3sO17fPQxOdw456zQHdLX02ziVzIE2/XEOakRH4yMwOQrGVgo4Chjtq13l3grZmCQ0IuRaeN5lHXqXr6cjpBiWqbsnBhKEIkUxryHDO94jN2dmBUxWRXOWHVRgMHNG2bn9bjR7kIsSHBL7fYx+RZD5EKp3HWijSvtiMGXj+f9Oe4ty/NXkJtUsmnFuK7jHLndCEjpSLe0I0CYY+isI7m/h0WojJrEBAzDoTpKIG9tzxkR45kUke5lFfiyy1hlLIu0gM6r3vL+eL2U+IS+9HnpEB7JLkmaW2TK8rGpmh3mzDg3ZKP0VZcxkbHDk/iv3pvmlHXa0QzYN3oExbxL5L/a+EYB8Ke4UkQBDUDhjIxqKn09cAbhdCuR1GjzCuKJQM4NnasM0t8FJYsOppP0jIAi3yrY4pf6RoxJyOJM/CDU6yrdDHhd3e17bAECuuliipu608usZGgnwrt96iCUZiLnNN6uXWOpAKpJwUN493V77GU61sU3AO3t0KQ0XXor0ZdZOPn0cmD+aTIr9eFWxuWZUMCmxK99Y4cvG9GP0XgCA/8p5uZFBL1x1gxIdOneyzj+as2a494ON/fWWplDTzp1usHb6wmP0+CZnzo/geQBSqsfLHqJ5pAn1pSx+vNnqk8FGbchHK5IwhqFIOfsQEF7EX/f/JxsaGDX3EDRcVAb0FeA6j8OFOqydmTNSCRPNFZDPG6/YKkaENyu+Ny6wBBU7Jd/9Xfc0BZwIH2UPN6ui0ayCM57uisX9Xdo2NvS3CA/3NQJ9HJcD2Mj7opeBBn/n4OAYt8RsMsR2WkP1O1n0q1a5Q7zUn3uU9ePEX9awH3P7QwbmqHKjSZhG70co5MSiXwAvNYiZk15R9Oz6Rbzx0rkNbvM8EROHJLp5wacpo8pcK3T9N0uzGWe7LLnofa6kJdfc1DH53pyy1lLHM3WGbyAFufiaJCz3qLfa691zfLm1lNo5KSkJrdiquCyLAGmjiEN05Z8vfl9+3GMDKJxT7DK1fS3Zo97IUdGquRBNc6QoCbC7fzx73pgiD0540i2Zoh6NIuHNeVcnYxSV0hr/V3QQWLmts2zyQWFeNJicRpU8lA015Ew7XYJWLRxW3TwnzoAJVEA6lraTz7F/0WQpYCouHEo4F34C+jN2zzNZFgB6X4+AcUdgyob6osZ7BofdypvtPC0RRzn7joUyhUKXaDeaJRj6R1Shn1x44iu1ZTLiOSWsAG/p2xTAAVNFMRg27j1nKBcFJ2rtjW2hQBhJXbz/vPd3oUb6XmNqUXzwQemvwnqFfnhZhDVgNT8YNcWjhgOffUj6tlUCFvP4dezGGI80qTdPmgMjfIGPkuUKGfjiCcsedOvfPtVo2MlDzn5H2o+UYsV89thGtDcmG3hM3P39VZabDZzD5KOvO2G/gb+ouPBRrA0fjqOOw0s6P7cc0DWQ/F+0Pnr7Yn/oWfL9r/uJ+XfsMxLdZmvUUHiUNmDWc+OUjjf6nE9GQPXELimiM5hc2zZmEoXdBRKQ+liwyNGzDRGVGefA1dIoY1UtPnM4/juqcM1GZWUWU+R6eAXYMOwNBUY2ZdclxxbDReQ029RazLkT3xx2mEME5wi8OycJ/ikdN6oECPPM7pahRRUit6XrrUb98BqDABJ5jlI3SSyukfhIzSLaU+udCAP8P4rlS5uKQoXUbrdpU1vensAHZJvn2npmm7gLXlGVplKvYfXpwkvnf/lWNugMXj4CHkZDomFVPMjQsyiQmx26pTrF6nHVgvDRFM2d/WQmvZc26hKcSG366RuueTMnI66bInP0enMUfBvKeMZR3okCrDyMVxFGgFGkgAo+cdZHNgOKxArKxpCHsTDMdQ/TcurDtM2X5sTf3HQH4KPVS+1yz59gy0iLbMqBi4HD43PQsaF5hqx63jS7PZVtnHjdtUkQnni3mdX1ZuMyNEsLXSQKe5avOouc56EnPxr3ahkddDhUT+L9yGI7rs0ZUxc2qunq/VANkmdXMooZvzfsLQ9ChcFZ8kAN2nlcT08BIfbVz0W5SheYTULzMD9I/nyZZdqp4OlkXI4aeNY/KEo3V7LZO/q7Rhn55EyActl81zWBacizaRjX5u2bqglwShPpVxLULIX3UfqWnavJ6tO1taQefg0LRGIybj+Vqx794koRyN6Dg1vpeBe32IJ4aOPWcrhZ3jM4OLgmWpY21gx02o8n3Q9me1dYfjzSHvOHXCIaQmUzsYpKYgUKfLR9c436QKKmmEl9YZZp/wO/VgKl1/ZdEPi2GDtf1KLydZa4Lvc8EbGwIZn3c91Gi4iNL7bV05Fo7WsIiJoD9bTcnVaC7hiFtxAGkgPP3TmlEndxPez+qHc6ydbT+VURjszJCZT5/+kRLqeO9o+9CwZpoELVH+qELBadDMbNG6AHGC7wBAHLw7N2739NoGZOyAH4V0LUxA0BKg7AGXRxkqc9ZwLtMZ+yMx2uHnt5dZ9xdwP0YCMwmoAy1km4JRbyPUVy65JxQON992nCmmxVEXcpIJXTjjjt/PeyF4dPrbFX8cW0Od54MTajI3wg5WD0JWrwPHVaXokSC4Mn5tOxfwIS8JOMsM60qVc7pu/WL/6rNBep3mYaLafgqZ11plECb018JiVTeI/pXG9N+wKwOwIxJBI34NIYWd9yvh70RNM1IVbqE277cSga0r==&c=510142360&oxtrk=141&oxuid=ASS0001&zk=8f53064b-f065-11ed-8dec-005056ac75a7&zl=6866&oxltc=315&zm=0
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 199.68.195.198 Sandys Parish, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:37:31 GMT
content-length: 43
content-type: image/gif

POST
H2 204 events Show response
api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/ Frame 054A 0
159 B 109ms
109ms XHR
text/plain 34.203.56.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/0f6eb8b94e74e038835cd664bbf0189c8c4b0c75/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.203.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-56-164.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 01:37:32 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 572ms
241ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&token=3F45377B-040F-F94D-FDF4-0F88717FF051&_=453379649

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 264ms
225ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&token=3F45377B-040F-F94D-FDF4-0F88717FF051&_=453379650

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 554ms
258ms XHR
text/plain 54.86.112.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=7&pid=14898ab9-6dbc-42fa-9352-4d2977954c68&token=3F45377B-040F-F94D-FDF4-0F88717FF051&_=453379651

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.112.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-112-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 01:37:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yebotzki.com/	1970-01-20 11:45:41	Name: uniqueClick_6BS7SC6 Value: 3ace3000-5d97-4020-83d6-0b2e844e9e99:1683855448
www.yebotzki.com/	1970-01-20 13:53:51	Name: transaction_id Value: 4d98338498f046f68e75b5cf162d91d5
assurance.com/	1970-01-20 21:20:15	Name: retreaver_id Value: VqmdChebxhnB6NhrotbSCAxqeXRZnw%3D%3D--u5DZOD35shmQhZFl--oe%2BLqOnmv0VxqZHUSOYXIg%3D%3D
assurance.com/	1970-01-20 11:44:22	Name: insurance Value: e7ecc3bd83e8f5e0f27188df707d0081
.assurance.com/	1970-01-20 13:53:51	Name: _gcl_au Value: 1.1.1473459458.1683855449
.assurance.com/	1970-01-20 11:45:41	Name: _uetsid Value: 8e9cdbe0f06511eda26185a7b171072b
.assurance.com/	1970-01-20 21:05:51	Name: _uetvid Value: 8e9cd970f06511edba119709238369cb
.bing.com/	1970-01-20 21:05:51	Name: MUID Value: 1B7BF9EFC7B5628917E1EAE0C6676308
.assurance.com/	1970-01-20 21:20:15	Name: _ga_PZV5FSS6MS Value: GS1.1.1683855449.1.0.1683855449.0.0.0
.tiktok.com/	1970-01-20 21:05:51	Name: _ttp Value: 2PfkJCkc2vLetVqbvn9wl6R1w3t
.assurance.com/	1970-01-20 13:53:51	Name: _fbp Value: fb.1.1683855449457.391571545
.assurance.com/	1970-01-20 21:20:15	Name: _ga Value: GA1.2.2081007519.1683855449
.assurance.com/	1970-01-20 11:45:41	Name: _gid Value: GA1.2.1812501877.1683855450
.assurance.com/	1970-01-20 11:44:15	Name: _dc_gtm_UA-73253617-2 Value: 1
assurance.com/	1970-01-20 11:45:41	Name: trustedsite_visit Value: 1
.assurance.com/	1970-01-20 21:05:51	Name: _tt_enable_cookie Value: 1
.assurance.com/	1970-01-20 21:05:51	Name: _ttp Value: 1obT1fVyQtDX2406Dd5YElSYqi5
www.clarity.ms/	1970-01-20 20:29:51	Name: CLID Value: c6660c9b50cc45269900a30844bf20a4.20230512.20240511
.assurance.com/	1970-01-20 20:29:51	Name: _clck Value: 1k1wlic\|2\|fbj\|0\|1227
assurance.com/	1970-01-20 11:44:16	Name: leadid_token-8AA3F211-CA81-3833-51B1-095D2985DA90-CF934278-B099-EB50-BF86-105A165FCB4E Value: 3F45377B-040F-F94D-FDF4-0F88717FF051
www.trustedsite.com/	1970-01-20 11:54:20	Name: AWSALBCORS Value: hv2jFe4R4h7R6KgO06qpQ7LsEpKI7JQBGQm/1d+I6x3awQpFUTz1iXxp1Yh9qfBHHbR2RfgueSZblPCBAAqkfK7uMFG+F73okYppDN8DufRIiKJiAGw73sTou7IM
.assurance.com/	1970-01-20 11:45:41	Name: _clsk Value: 1l09zpj\|1683855450140\|1\|0\|e.clarity.ms/collect
.deviceid.trueleadid.com/	1970-01-20 21:20:15	Name: uuid Value: 62235832350e435cad2cd772bb8f86f1
.c.bing.com/	1970-01-20 11:54:20	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:05:51	Name: SRM_B Value: 1B7BF9EFC7B5628917E1EAE0C6676308
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:05:51	Name: MUID Value: 1B7BF9EFC7B5628917E1EAE0C6676308
.c.clarity.ms/	1970-01-20 11:54:20	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:44:16	Name: ANONCHK Value: 0
assurance.com/	1970-01-20 11:44:16	Name: _dd_s Value: rum=0&expire=1683856349011

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; connect-src * data: blob: 'unsafe-inline' 'report-sample'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self' assurance.com .assurance.com assurance.dev .assurance.dev ; worker-src 'self' data: blob: cdn.trustedform.com; object-src 'self' ftp-assurance.s3.amazonaws.com; report-uri https://60ede17b9dc1b52ae71f0257.endpoint.csper.io?v=10;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.trustedform.com
assets.assurance.com
assurance.com
bat.bing.com
c.bing.com
c.clarity.ms
c1.ox-bio.com
cdn.assurance.com
cdn.trustedform.com
cdn.ywxi.net
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
dk465e480ccpv.talk-target.com
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
s3-us-west-2.amazonaws.com
stats.g.doubleclick.net
www.clarity.ms
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.trustedsite.com
www.yebotzki.com
13.225.83.103
13.32.23.67
13.32.99.34
143.204.215.73
18.66.122.65
199.68.195.198
20.62.48.180
2001:4860:4802:32::36
23.38.98.27
2600:9000:223d:7a00:1c:7f1a:6680:93a1
2600:9000:225e:9e00:14:6bfc:5740:93a1
2606:4700:10::6816:26b6
2606:4700::6811:190e
2620:1ec:48:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
3.220.50.246
34.203.56.164
52.218.205.136
54.149.70.87
54.86.112.18
68.219.88.97
91.246.216.167
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0a6f4973a197b0326c683faabaa75fc43b984592a42e20998d1f2c3ec55d1607
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1
2b28cf1c21fc9cd3598a3bfaeb8a56451891e8b5d93e3c50d4502f1429712478
34e35a0c605372344d2f5c5f6d022f4368074b6680e281d50cdc1d6ec6400828
36290474b54d78fe98f5cb62987f6bf606e74624ab105126c7780ab6cd89f680
3ba851eaa85ebd1d88d1ab7056978b61d321aac674152171bd22bb049b557b82
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f384b0339182689cea443d95d895013a6a1d24955ce3606bbad3da73073c054
405153aae2f22f4132d2cefe0d26def7c6696b3e00e80d419f01709df7022fb1
439072effbc41147849505d7f158a704f42c3d119d1efb871273f92cc016f45d
4ea3f7aece0698a0dcb031494b5cda7bede672f6f519089c7f577f08167a5b38
5592be2ce1da50f5e290ac76e36f71187d5f3374063ebfb48b771a9af5304656
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
62cbfe56aeaef95ec8738e443a2bfcc05c9ab76686a5af41bbc3443323b3b574
63cb6f92c4c14c1154c568156e30c45335c6a8ea8f0bc371273371af3057ddba
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
6a0f16d06bf9ac41309a737c1a0dbf17f5b0d85457a9a3ac0f5e19ef9fc07e5f
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cabb32b537dde18f9475f215217912612da4bba1457b90d102834a686a7a6d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87792716f5eabbf122dc3c4c9487684f8195a7560a129226a176c07590e62ea2
87c35a9091f97271c0034ba8e825c9f175b6b1c5fdf2cbb16176a99b8eba5ec8
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8e9b1e457028e81c3c9f7426c52790b884338e7069cc4a8397f35cb6be2095ca
9149b61735d8e136bd5f7d804e25fa74db60e647cd7c50a9643da60eed558f62
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b3b38dfd8d88a7e18056bc04c89813ebd78cd7d0149de783558f91da819571f8
b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a
ba4f340b68a3bd2feeb3f0fa0183ee7a6a065c70dced010c7b441bf1a4875fd3
bde63497824d0e8def3b1002068f212c8f4c1710dac5826296e9c969f5241647
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c785f17405994ad469859e3932a64952c2c9676a44af0144a34ca5959fdc658e
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea617d8b7ebff4d3a4d18d7d5b7f872c2e13f45ced8ab2aaa3fa4b3321877fba
eba14e059ad1c83a8b0d85b5ae83d58fca7727610f6f0b2653a058934e5fe435
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffedbae698cac9b0ac65cef3f1320e41bd97aa9f95cbe8e94f79cafb539cec79

assurance.com Open in urlscan Pro 18.66.122.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

98 %HTTPS

55 %IPv6

26 Domains

34 Subdomains

32 IPs

6 Countries

1329 kBTransfer

3445 kBSize

30 Cookies

3 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

assurance.com Open in urlscan Pro
18.66.122.65 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

98 %
HTTPS

55 %
IPv6

26
Domains

34
Subdomains

32
IPs

6
Countries

1329 kB
Transfer

3445 kB
Size

30
Cookies

80 HTTP transactions
1 data transactions