urlscan.io logo urlscan.io
SecurityTrails logo

provide-savings.com Open in urlscan Pro
2606:4700::6812:137d  Public Scan

Go To Rescan Add Verdict Report
URL: https://provide-savings.com/
Submission: On March 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 9 countries across 44 domains to perform 172 HTTP transactions. The main IP is 2606:4700::6812:137d, located in United States and belongs to CLOUDFLARENET, US. The main domain is provide-savings.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 20th 2023. Valid for: a year.
This is the only time provide-savings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 52.40.146.155 16509 (AMAZON-02)
63 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638::14 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 3 178.250.0.163 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 151.101.2.137 54113 (FASTLY)
1 2 35.156.220.94 16509 (AMAZON-02)
1 1 142.250.185.194 15169 (GOOGLE)
2 2 185.89.211.116 29990 (ASN-APPNEX)
1 2 185.89.210.90 29990 (ASN-APPNEX)
1 104.79.88.129 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 3.67.0.77 16509 (AMAZON-02)
1 185.86.138.152 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 104.111.217.42 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 2 3.71.149.231 16509 (AMAZON-02)
1 37.157.6.245 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2 34.255.91.107 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
1 2 54.76.11.91 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.195.173.152 16509 (AMAZON-02)
1 70.42.32.95 13789 (INTERNAP-...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.45.237.121 16625 (AKAMAI-AS)
1 63.32.242.157 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
1 54.72.113.247 16509 (AMAZON-02)
1 3.12.8.145 16509 (AMAZON-02)
172 52
23    2606:4700::6812:137d (United States)

ASN13335 (CLOUDFLARENET, US)
provide-savings.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
6    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2606:4700::6813:f81e (United States)

ASN13335 (CLOUDFLARENET, US)
consumer-assets.everquote.com
p.everquote.com
tpx.everquote.com
ads.everquote.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700::6812:1d44 (United States)

ASN13335 (CLOUDFLARENET, US)
opt-out-service.services.everquote.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    52.40.146.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-146-155.us-west-2.compute.amazonaws.com
ads.nextdoor.com
flask.nextdoor.com
63    2606:4700::6812:1c44 (United States)

ASN13335 (CLOUDFLARENET, US)
cep.services.everquote.com
bubastis-prom-aggregation-gateway.services.everquote.com
1    2a02:2638::14 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
2    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    35.156.220.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-220-94.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.67.0.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-0-77.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
r.casalemedia.com
2    34.255.91.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-91-107.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    54.76.11.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-11-91.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    18.195.173.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-173-152.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4200:df20:c9e3:cf31:1af2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.45.237.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-121.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    63.32.242.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-242-157.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    54.72.113.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-113-247.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.12.8.145 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-8-145.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
79 everquote.com
consumer-assets.everquote.com — Cisco Umbrella Rank: 246937
opt-out-service.services.everquote.com — Cisco Umbrella Rank: 271803
p.everquote.com — Cisco Umbrella Rank: 236199
cep.services.everquote.com — Cisco Umbrella Rank: 223766
tpx.everquote.com — Cisco Umbrella Rank: 163050
ads.everquote.com — Cisco Umbrella Rank: 171375
bubastis-prom-aggregation-gateway.services.everquote.com
64 KB
23 provide-savings.com
provide-savings.com
582 KB
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3747
gum.criteo.com — Cisco Umbrella Rank: 386
mug.criteo.com — Cisco Umbrella Rank: 2753
sslwidget.criteo.com — Cisco Umbrella Rank: 1808
widget.us.criteo.com — Cisco Umbrella Rank: 19285
dis.criteo.com — Cisco Umbrella Rank: 688
28 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
429 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
4 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 381
4 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
199 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
234 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 346
12 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6069
626 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4219
www.google.com — Cisco Umbrella Rank: 2
820 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 231
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
857 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1378
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 271
508 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
876 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
2 nextdoor.com
ads.nextdoor.com — Cisco Umbrella Rank: 6633
flask.nextdoor.com — Cisco Umbrella Rank: 6309
3 KB
2 gstatic.com
fonts.gstatic.com
60 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1761
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 586
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2291
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4551
525 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 26976
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2451
407 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 676
579 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 756
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1402
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2674
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 408
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 788
235 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1337
163 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 354
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1967
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1298
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 582
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 515
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 591
979 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 341
18 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 784
7 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 892
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
172 44
Domain Requested by
62 cep.services.everquote.com consumer-assets.everquote.com
23 provide-savings.com provide-savings.com
consumer-assets.everquote.com
10 consumer-assets.everquote.com provide-savings.com
6 www.googletagmanager.com provide-savings.com
www.googleoptimize.com
consumer-assets.everquote.com
5 gum.criteo.com 4 redirects consumer-assets.everquote.com
4 connect.facebook.net consumer-assets.everquote.com
3 www.facebook.com provide-savings.com
3 bat.bing.com consumer-assets.everquote.com
provide-savings.com
3 www.google.de provide-savings.com
3 p.everquote.com provide-savings.com
2 bam.nr-data.net consumer-assets.everquote.com
2 ad.360yield.com 1 redirects
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 secure.adnxs.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 www.google-analytics.com consumer-assets.everquote.com
2 www.google.com provide-savings.com
2 stats.g.doubleclick.net www.googletagmanager.com
consumer-assets.everquote.com
2 googleads.g.doubleclick.net www.googletagmanager.com
consumer-assets.everquote.com
2 fonts.gstatic.com fonts.googleapis.com
1 bubastis-prom-aggregation-gateway.services.everquote.com consumer-assets.everquote.com
1 s.thebrighttag.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 js-agent.newrelic.com consumer-assets.everquote.com
1 widget.us.criteo.com provide-savings.com
1 sslwidget.criteo.com 1 redirects
1 flask.nextdoor.com provide-savings.com
1 ads.everquote.com provide-savings.com
1 tpx.everquote.com provide-savings.com
1 mug.criteo.com provide-savings.com
1 dynamic.criteo.com consumer-assets.everquote.com
1 ads.nextdoor.com consumer-assets.everquote.com
1 region1.analytics.google.com www.googletagmanager.com
1 opt-out-service.services.everquote.com provide-savings.com
1 maxcdn.bootstrapcdn.com provide-savings.com
1 www.googleoptimize.com provide-savings.com
1 fonts.googleapis.com provide-savings.com
172 60
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
everquote.com
Cloudflare Inc ECC CA-3		 2022-05-10 -
2023-05-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-27		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
nextdoor.com
Amazon RSA 2048 M02		 2023-02-07 -
2023-06-02		 4 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
itm.ivitrack.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-02-11 -
2023-08-04		 6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-07-01		 5 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 5 frames:

Primary Page: https://provide-savings.com/
Frame ID: 2EB4BDDEAA5EE37BE7B8FB7A710411E9
Requests: 106 HTTP requests in this frame

Frame: https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326
Frame ID: E9C644D7D431EDA45D708BB88001692C
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=provide-savings.com&origin=onetag
Frame ID: BAD60F63D2BE0632436F9CD4E0BF3832
Requests: 2 HTTP requests in this frame

Frame: https://ads.everquote.com/gdn/conversion?pixel_stage=landing&arrival_tid=0&client=auto&oauid=1b31ae78-b91e-423e-b3af-07e454367aeb&city=Frankfurt%20am%20Main&region=HE
Frame ID: 192832245FCEEE6183BCFF9C644625EF
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30
Frame ID: DE4C9AEF5FC58D641967651EAB0B35EA
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Auto Insurance Quotes Online, Free & Fast | EverQuotecheckchevronRightchevronRight

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

172
Requests

93 %
HTTPS

39 %
IPv6

44
Domains

60
Subdomains

52
IPs

9
Countries

1485 kB
Transfer

4563 kB
Size

51
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128
  • https://gum.criteo.com/sid/json?origin=onetag&domain=provide-savings.com&sn=ChromeSyncframe&so=0&topUrl=provide-savings.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5WS363xaVm40UTJQcy9acm11Z21IU3VHUFBZUHk4UEpCeHdKalg5STlnZWgzWXcyZlA3V1ViazlvUHFjdG5qSW9wNExMYnlkT21wbUFpNk93bmdJZTE0ZjB6VERkRnQ2UnZiT2NGSWVYZ3o0SWVkQTdKZzFmdVpWRDk2aDV6eGVlSmlXQ2ZXbGcyODErTFFNMVgxZWJnVXQ1Sno2WFBQQ3pha0lPWG5oSGZIekg1UmNTR0p5ZjJCQ0cwZ09MZ29nazN1cHpXa3JYTThKeUZabW9uY1ZmbnV3aXd4Zi9ObnFzZHk5OTJxbUIrNE1ZSGo5TG1QcWxKK0wzcXRUYzFocVJkaDhscGxReHBuSzZUZXdheEpFbWJaczltRUxKT09RTlcvaVJXM0N1T1dhTlY2Yz18&cppv=2
Request Chain 137
  • https://sslwidget.criteo.com/event?a=39220&v=5.13.0&p0=e%3Dce%26m%3D%255BEmail%252520Address%255D&p1=e%3Dexd%26site_type%3Dd%26ui_uid%3D1b31ae78-b91e-423e-b3af-07e454367aeb&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=jau9uF9KSjRsRXhhS05vV0UzbEJsUXF3bExBWDFZZmVWZWl5OEhuTTF0WWE0dUs5aVdhWWZ5c3NyVW10RHNLcTB1YmJOTTQ1d1VGQ0F4R3loNCUyRnBqVnlVQmN6bDhjM1QxNHRHV3AyRDJhVlFKdFFxeU9BdXYxQzc4YW5va0NScW5ybWdEMmYxbkJaczkzU3NON3RSJTJGNFVBWVl0MjhqejFqUExIeERvZXl6eVV4UWFVJTNE&tld=provide-savings.com&dy=1&fu=https%253A%252F%252Fprovide-savings.com%252F&dtycbr=6956 HTTP 302
  • https://widget.us.criteo.com/event?a=39220&v=5.13.0&p0=e%3Dce%26m%3D%255BEmail%252520Address%255D&p1=e%3Dexd%26site_type%3Dd%26ui_uid%3D1b31ae78-b91e-423e-b3af-07e454367aeb&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=jau9uF9KSjRsRXhhS05vV0UzbEJsUXF3bExBWDFZZmVWZWl5OEhuTTF0WWE0dUs5aVdhWWZ5c3NyVW10RHNLcTB1YmJOTTQ1d1VGQ0F4R3loNCUyRnBqVnlVQmN6bDhjM1QxNHRHV3AyRDJhVlFKdFFxeU9BdXYxQzc4YW5va0NScW5ybWdEMmYxbkJaczkzU3NON3RSJTJGNFVBWVl0MjhqejFqUExIeERvZXl6eVV4UWFVJTNE&tld=provide-savings.com&dy=1&fu=https%253A%252F%252Fprovide-savings.com%252F&dtycbr=6956
Request Chain 139
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-UUtMIEuVW_7H777anLWxKcrOlp-RoDKOu4XPqA&google_cm&google_hm=ay1VVXRNSUV1VldfN0g3NzdhbkxXeEtjck9scC1Sb0RLT3U0WFBxQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-UUtMIEuVW_7H777anLWxKcrOlp-RoDKOu4XPqA&google_gid=CAESEDHYluYfNONwyHw8tKAxcP4&google_cver=1&google_ula=913071,0
Request Chain 141
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2506712247662277737
Request Chain 142
  • https://secure.adnxs.com/setuid?entity=52&code=k-92ybu0uVW_7H777anLWxKcrOlp_belTBdP5grA HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-92ybu0uVW_7H777anLWxKcrOlp_belTBdP5grA
Request Chain 150
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-AS7VekuVW_7H777anLWxKcrOlp8NbUEskQlBgg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-AS7VekuVW_7H777anLWxKcrOlp8NbUEskQlBgg&verify=true
Request Chain 153
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XuXrQEuVW_7H777anLWxKcrOlp-5M707L_j_Kw HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XuXrQEuVW_7H777anLWxKcrOlp-5M707L_j_Kw&C=1
Request Chain 154
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=l3M07nJrzi7LX5gyXXnFVdZSvQBQNHGN HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=l3M07nJrzi7LX5gyXXnFVdZSvQBQNHGN
Request Chain 156
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9mkYpUuVW_7H777anLWxKcrOlp-NvhbkvIV4ZQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9mkYpUuVW_7H777anLWxKcrOlp-NvhbkvIV4ZQ
Request Chain 166
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dnTHop7KMDtVJEHTGOzDxmWnMX87c3Od
Request Chain 167
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jqZTI0EtBnRPcX0yabYUHcu578G7yGQy

172 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
provide-savings.com/ 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js 7.0.3
Resource Hash
a029ab01a4de0ca7310e136555e9d2ab8c284498237ce4468ec76691c64c0dd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7aaa021fdac8bb79-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 00:58:42 GMT
server
cloudflare
strict-transport-security
max-age=15552000
x-powered-by
Next.js 7.0.3
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&display=swap
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe33e7d150a0d825321e84eac122ee43cef7d7b070882760ea4552e3c9ee519f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 00:50:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Mar 2023 00:58:42 GMT
EQSimpleDesignDesktop.js
provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/auto/landings/ 		176 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/auto/landings/EQSimpleDesignDesktop.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52cb04d2a5164f92012244a854fc7eca972f7f60be5063488d3b3ac05cdc99d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"12886-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa02210b8ebb79-FRA
expires
Tue, 19 Mar 2024 00:58:42 GMT
_app.js
provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/ 		376 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/_app.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2643706261fd97a2c692da484d7e8740ab90fc60ea808dc5f510d43099f18a49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"1a997-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa02210b8fbb79-FRA
expires
Tue, 19 Mar 2024 00:58:42 GMT
_error.js
provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/ 		190 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/_error.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4726b38a436a92a97ea0a590677935d81423a1db6178137c0936183737002c77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"ac-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa02210b90bb79-FRA
expires
Tue, 19 Mar 2024 00:58:42 GMT
webpack-58f61189b265af59ef9c.js
provide-savings.com/_next/static/runtime/ 		1 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/runtime/webpack-58f61189b265af59ef9c.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d6168808aef8ec04092413a7803bbbab133aabd72b6c27b2fab9d30b785b4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"2e8-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa02210b92bb79-FRA
expires
Tue, 19 Mar 2024 00:58:42 GMT
commons.3cce7d7c9efeac757e69.js
provide-savings.com/_next/static/chunks/ 		760 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/chunks/commons.3cce7d7c9efeac757e69.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1482460b62f77b38261d91c68ccbdbedf0daa93da81da108ce6f361802e8bda6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"35796-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa02210b93bb79-FRA
expires
Tue, 19 Mar 2024 00:58:42 GMT
main-e5f052831c64505fa82e.js
provide-savings.com/_next/static/runtime/ 		107 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/runtime/main-e5f052831c64505fa82e.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26ce86666e24e4078a6b5bff6e86876cc005f5132abbf320712b399c12bd2825
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"74ad-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa02210b94bb79-FRA
expires
Tue, 19 Mar 2024 00:58:42 GMT
optimize.js
www.googleoptimize.com/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-PXT4274
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed120ba99bbd01f0f964168df7ff7cc94bcae99138ecd2f1d01afd51100a2b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47612
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Mar 2023 00:58:42 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMN8P5NC9M
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92155f778d28f0ee6cf57cc80707c08979a4e14424db1c91003b6d0cd2745769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79630
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Mar 2023 00:58:42 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1000357370
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55521d2694d01f76faeecc943ba5481dd6bf2aae7cf3e6969527e4a08e8f5bba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67280
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Mar 2023 00:58:42 GMT
newrelic-prod.js
consumer-assets.everquote.com/static-assets/scripts/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320a7c404199e093522579ed5bec03e142179f0a04bbdc1b466b965c74383ec2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 f5f8057faba50299bc905b2f88bbd5a4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-amz-cf-pop
BOM78-P6
age
889
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:43 GMT
server
cloudflare
etag
W/"710fcf991a03b0d936f9442207bba524"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7aaa0221ba7668f5-FRA
x-amz-cf-id
ax9qtVfYcwT6KvvUh5wctgNUgVXdfxI8FVNUfd0Y67oMa_Oe4ehyBg==
expires
Mon, 20 Mar 2023 04:58:42 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://provide-savings.com/
Origin
https://provide-savings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
722
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e82298dfe4bb1cc259fa8086c4573926
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7aaa02213af89b51-FRA
cdn-requestpullsuccess
True
libertyMutual.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/libertyMutual.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d44de64b672700bb610ce4c9bc88afb10f567ff23999f8eb26af6575ca81b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:44 GMT
server
cloudflare
etag
W/"58c0844e1b7d1d9bf1342c0e385110c3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba6968f5-FRA
x-amz-cf-id
8hAM6n6NWJcTXoX-H7t5AdmkpjcMmPPPoQ3RmZK9NeoyiLfvp1zdlw==
expires
Mon, 20 Mar 2023 04:58:42 GMT
progressive.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/progressive.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e697cadb19785c0e918741b9c913362409cae44767e2bf4ba33a66ad8322a660
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
via
1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:44 GMT
server
cloudflare
etag
W/"eb36ca4c57689afd91f1aff0d6d95852"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba6b68f5-FRA
x-amz-cf-id
b0zT2KPLybgef9dyitZ88B7qaHJDqUD1vAK2XBE2NmYiyiqHkjomAw==
expires
Mon, 20 Mar 2023 04:58:43 GMT
americanFamily.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/americanFamily.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56a6a06b5401f6392ff61a10014dc1dcc8a6d8dcdec6406da2b5d611e9ae156
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:43 GMT
server
cloudflare
etag
W/"9fa34d2962dbf19bb4a26073e9ec231a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba6e68f5-FRA
x-amz-cf-id
p0SCcPw4Hm_T5q-e6hdHxgN_sY3g6nMOYAf82aoU1jSSVDxcE6llGw==
expires
Mon, 20 Mar 2023 04:58:42 GMT
countryFinancial.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/countryFinancial.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc76b19d48b4fefebc0e3eefae052e1654241e542322655c57b9d77eb860f37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 c6009ddfc9f427867dff2ea4da6dffb4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
BOM50-C1
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:43 GMT
server
cloudflare
etag
W/"4b3c014b3ceb888c13a64d11a5db43ab"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba6f68f5-FRA
x-amz-cf-id
rxBziZxFc9Z6wsQyl-MB0BjJ6S8tM36y-GZdPIbvfluLCCtCyKfr5g==
expires
Mon, 20 Mar 2023 04:58:42 GMT
mercury.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/mercury.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9a573c12a40420566055f5473212c62dc7f4f938a59fed11f3eaab7e2aa3c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:44 GMT
server
cloudflare
etag
W/"3d89174c6986ddf06c8a813e2e276673"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba7068f5-FRA
x-amz-cf-id
HZSXRxYFC2YyvLbI7LdmgW3_OGnukyVXbX8VZop-qGWpnjv3AXi1gA==
expires
Mon, 20 Mar 2023 04:58:42 GMT
esurance.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/esurance.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111c52153297ba807b8463b4041bd56cf175fae7254266e949ab6881d717c0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:43 GMT
server
cloudflare
etag
W/"e45b9e03d26c7a273495d24cc40d142b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba7468f5-FRA
x-amz-cf-id
GgMR7xsDsFDfYDTNwWiXJOzt_IJPu4YcrV0HLRZH5EL_ZNbbUmwkcw==
expires
Mon, 20 Mar 2023 04:58:42 GMT
general.svg
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/ 		15 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/carrier-logos/general.svg
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a039606f0ca9791e69653056672255cf8325baf0585fc30b2ca63b94e728d2a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
via
1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
last-modified
Fri, 04 Nov 2022 10:35:44 GMT
server
cloudflare
etag
W/"54a9be3dd9e66d0a034d3b87e802d9bc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7aaa0221ba7268f5-FRA
x-amz-cf-id
oCxhPkFvEXJmemelGjQBdHqhwV_txW_T2N4H-Cn2Fj6e5uFnq7rilA==
expires
Mon, 20 Mar 2023 04:58:43 GMT
Photo_Fernando_144-4582a8518a02223a7ce154385ab00cbb.webp
provide-savings.com/_next/static/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provide-savings.com/_next/static/Photo_Fernando_144-4582a8518a02223a7ce154385ab00cbb.webp
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f2246381eab88cb7a416daf031e6097a0e5ad571a5635a1e7cabaaec1cd00c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:41 GMT
server
cloudflare
etag
W/"2e22-186da7f4bc8"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aaa02218bf4bb79-FRA
content-length
11810
expires
Mon, 20 Mar 2023 04:58:42 GMT
Photo_Ankica_144-136a77a430ddea610d222529b480dc35.webp
provide-savings.com/_next/static/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provide-savings.com/_next/static/Photo_Ankica_144-136a77a430ddea610d222529b480dc35.webp
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c96c28275124d83661d8ee174481cc2effad2702cd20cfe63fa497c1c5a3056
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:41 GMT
server
cloudflare
etag
W/"2f42-186da7f4bc8"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aaa02218bf6bb79-FRA
content-length
12098
expires
Mon, 20 Mar 2023 04:58:42 GMT
Photo_Jaymee_144-345b59538e845140ccca2ed99f3ccf08.webp
provide-savings.com/_next/static/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provide-savings.com/_next/static/Photo_Jaymee_144-345b59538e845140ccca2ed99f3ccf08.webp
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e97ce6d29bf59a45a603941a583b98653162d4ed95cb706b12544b9f58d090
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:41 GMT
server
cloudflare
etag
W/"2ef6-186da7f4bc8"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aaa02218bf8bb79-FRA
content-length
12022
expires
Mon, 20 Mar 2023 04:58:42 GMT
crossdomain
opt-out-service.services.everquote.com/ 		41 B
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://opt-out-service.services.everquote.com/crossdomain?mode=get&arrivalUUID=1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96303fcc34be5d01c2fb5f83c28de84e878809c4cc6bdc83514b26de63453efd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7aaa0221bd3a2bfe-FRA
content-length
41
f
p.everquote.com/ 		109 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.everquote.com/f?mode=script&event=X50MA6DH94RS642&capture=landing&t=0&auid=1b31ae78-b91e-423e-b3af-07e454367aeb&arrival_id=
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7fe1f0de4f84b34de572548ddad84479e55a0f891dd8a34c7096a81530c398
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/javascript;charset=ISO-8859-1
access-control-allow-credentials
true
cf-ray
7aaa0221ba6668f5-FRA
gtm.js
www.googletagmanager.com/ 		447 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P8QQMPK&l=gtmDataLayer&gtm_auth=A2JgS0fhwfdhhNEmdMqw9w&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4926dca0e837a829e40b93f7fa7e0102ec64d2b6124152fe5e2ce59743d889b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100361
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMN8P5NC9M&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-PXT4274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5fb64e14a229f84fba7a2c13b7c0b889ecb7c11406b5a13a02cb4f34efcee90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78757
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Mar 2023 00:58:42 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1000357370&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-PXT4274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9d1bc8eb35f5cdcbba1163b6e195a6aedc332a687e6f63292a1b0852a1b3cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67286
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Mar 2023 00:58:42 GMT
logo.png
consumer-assets.everquote.com/static-assets/domains/auto/provide-savings.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/domains/auto/provide-savings.com/logo.png
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b8081841db1b31d7c56ef8e8e3a422ca3c340039757f4c6622b69b67db8cee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
via
1.1 e5dbf427228e8469623421628e11f7da.cloudfront.net (CloudFront)
cf-cache-status
MISS
strict-transport-security
max-age=15552000
x-amz-cf-pop
BOM50-C1
x-cache
Miss from cloudfront
content-length
10581
last-modified
Fri, 04 Nov 2022 10:34:46 GMT
server
cloudflare
etag
"365ee1f9ad4559ce9c1cfffd40593748"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aaa0221ba7568f5-FRA
x-amz-cf-id
9tN4Eopx6NJQjGpmdK_HTKTzLIQthEu4lPknfK93f8AIjFCjOuoxTA==
expires
Mon, 20 Mar 2023 04:58:44 GMT
blue-bg.webp
consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consumer-assets.everquote.com/static-assets/tests-assets/auto/landings/EQSimpleDesignDesktop/blue-bg.webp
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d44af1ba18c207f8254404de1bb6f80d4f2869215fc5eb34ad4d67b2883c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
via
1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
content-length
18570
last-modified
Fri, 04 Nov 2022 10:35:43 GMT
server
cloudflare
etag
"0cbff27aa9a2fa2a50ab705d68d10c9a"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aaa0221ba7168f5-FRA
x-amz-cf-id
SwnZ8HamVGSSV49w9Khs0kDhYN21-QujZu-SpoaJGOPmnRUs6r3IMA==
expires
Mon, 20 Mar 2023 04:58:42 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://provide-savings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:05:33 GMT
x-content-type-options
nosniff
age
330789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:05:33 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://provide-savings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 09:37:51 GMT
x-content-type-options
nosniff
age
228051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Mar 2024 09:37:51 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000357370/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000357370/?random=1679273922873&cv=11&fst=1679273922873&bg=ffffff&guid=ON&async=1&gtm=45be33f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fprovide-savings.com%2F&tiba=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&auid=2113973500.1679273923&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1000357370&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49373ed0b4e23a3be036fe3308cf6fa92f958ec8a8ad730b17917e40e3df442a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1235
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218205978-2&l=dataLayer&cx=c
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baf143f303c3fc68330dff7f760f4f545216d06fa60cc432b685c98518ba4cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44671
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Mar 2023 00:58:42 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JMN8P5NC9M&gtm=45je33f0&_p=957437778&_gaz=1&cid=312609484.1679273923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679273922&sct=1&seg=0&dl=https%3A%2F%2Fprovide-savings.com%2F&dt=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMN8P5NC9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provide-savings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JMN8P5NC9M&cid=312609484.1679273923&gtm=45je33f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMN8P5NC9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provide-savings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JMN8P5NC9M&cid=312609484.1679273923&gtm=45je33f0&aip=1&z=749145102
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000357370/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000357370/?random=1679273922955&cv=11&fst=1679273922955&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fprovide-savings.com%2F&tiba=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&auid=2113973500.1679273923&uamb=0&uaw=0&data=dynx_itemid%3D1b31ae78-b91e-423e-b3af-07e454367aeb%3Btrafficid1%3D0%3Btrafficid2%3D0%3Btrafficid3%3Dprovide-savings.com%3Bdevice%3Ddesktop%3Bdynx_pagetype%3DLanding%3BcompletedForm%3Dfalse%3Bauto_atfault_accidents%3D0%3Bauto_driver_count%3D1%3Bauto_tickets%3D0&rfmt=3&fmt=4
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a64d229a37110288c80759cd72f1f4bf80af4f99e4e9b75f7d55310f691b57f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1363
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 Mar 2023 00:58:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
OjofVZcthnwKnqei6kOfFrNE+EKUVGfEhlbs7ped2f3ZY2t7Cp8nTjaMRhHfdIEzY2gJkzzgKIO/8MiDYKjq/Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 20 Mar 2023 00:58:42 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F21B04E97EFA446E9CDC2E0617BD3593 Ref B: FRAEDGE2010 Ref C: 2023-03-20T00:58:42Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
ndp.js
ads.nextdoor.com/public/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.146.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-146-155.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
content-security-policy
frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding
gzip
last-modified
Mon, 13 Mar 2023 19:36:51 GMT
server
istio-envoy
etag
W/"640f7b53-19c7"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
4
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf77bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf78bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf79bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf7bbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf7dbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf7ebbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf82bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf80bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf84bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf83bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf87bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf88bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf8abbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf89bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf8bbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf8cbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf8fbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf8dbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf90bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf7fbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf91bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf92bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf93bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf94bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf95bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223cf96bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa0223df9cbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa02248819bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d877bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa02248822bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d878bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d874bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d871bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224b84cbbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa02248825bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d863bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa02248815bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa02248820bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d872bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224b84bbbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d87bbbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224e887bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d86fbbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d879bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224e883bbfe-FRA
/
provide-savings.com/api/zip_codes/ 		34 B
124 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/zip_codes/?zip_code=60326
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4287263d2497d2db5364b0981292eb8492eab08f8d2a1d7b9ccb2df5a02a2b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-cf51670c0c0c4cd1----1679273923150
traceparent
00-c0d5fdbfc28bb13a05c898498a8df7d0-cf51670c0c0c4cd1-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6ImNmNTE2NzBjMGMwYzRjZDEiLCJ0ciI6ImMwZDVmZGJmYzI4YmIxM2EwNWM4OTg0OThhOGRmN2QwIiwidGkiOjE2NzkyNzM5MjMxNTB9fQ==

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa0223bd9ebb79-FRA
content-length
34
content-type
application/json
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d87cbbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d87dbbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/pixels/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326&non_iframe=true
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-05ead213ac364632----1679273923162
traceparent
00-abd50a415ce96a936b6ecf5dfa3d48d0-05ead213ac364632-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6IjA1ZWFkMjEzYWMzNjQ2MzIiLCJ0ciI6ImFiZDUwYTQxNWNlOTZhOTM2YjZlY2Y1ZGZhM2Q0OGQwIiwidGkiOjE2NzkyNzM5MjMxNjJ9fQ==

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa0223cdb3bb79-FRA
content-type
text/html; charset=utf-8
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d870bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d87abbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224e885bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d876bbfe-FRA
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224b845bbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/sessions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/sessions/1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-324f042d868cb2d7----1679273923166
traceparent
00-b23f1f32b7379599143286ba7a805140-324f042d868cb2d7-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6IjMyNGYwNDJkODY4Y2IyZDciLCJ0ciI6ImIyM2YxZjMyYjczNzk1OTkxNDMyODZiYTdhODA1MTQwIiwidGkiOjE2NzkyNzM5MjMxNjZ9fQ==
content-type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa0223cdb7bb79-FRA
content-type
text/html; charset=utf-8
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224d873bbfe-FRA
OneQuestionPerStage.js
provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/auto/forms/ 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/auto/forms/OneQuestionPerStage.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c1a04323f042ce9a928979f5351667aeba6d5f6ea20e1fefe78e1ccc1b074a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"16db1-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa0223cdbbbb79-FRA
expires
Tue, 19 Mar 2024 00:58:43 GMT
ld.js
dynamic.criteo.com/js/ld/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=39220
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
40adc6413cbd894020def935e8203af971a389acbf8ee62dd449eb42d06108cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0224e881bbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/sessions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/sessions/1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-85e50d7e2d4be874----1679273923173
traceparent
00-912179209fb5b97f02fa5ea861016680-85e50d7e2d4be874-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6Ijg1ZTUwZDdlMmQ0YmU4NzQiLCJ0ciI6IjkxMjE3OTIwOWZiNWI5N2YwMmZhNWVhODYxMDE2NjgwIiwidGkiOjE2NzkyNzM5MjMxNzN9fQ==
content-type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa0223ddc8bb79-FRA
content-type
text/html; charset=utf-8
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/pixels/ Frame E9C6 		2 KB
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ef8624dc540e59c6759de93e926aef623dfe9c4965daa2900d9574b382cb1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7aaa0223edd9bb79-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
EverQuote.js
provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/auto/exits/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/auto/exits/EverQuote.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0409b0c26dcd12142919e8bd6a403d4f55b3445f2e9346b2401230b1b1c2cf9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"7dc3-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa0223eddbbb79-FRA
expires
Tue, 19 Mar 2024 00:58:43 GMT
/
www.google.com/pagead/1p-user-list/1000357370/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1000357370/?random=1679273922873&cv=11&fst=1679270400000&bg=ffffff&guid=ON&async=1&gtm=45be33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fprovide-savings.com%2F&tiba=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2043895235&rmt_tld=0&ipr=y
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1000357370/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1000357370/?random=1679273922873&cv=11&fst=1679270400000&bg=ffffff&guid=ON&async=1&gtm=45be33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fprovide-savings.com%2F&tiba=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2043895235&rmt_tld=1&ipr=y
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 Mar 2023 23:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5950
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 20 Mar 2023 01:19:33 GMT
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa02241fcdbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa02241fd1bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa02241fd5bbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa022508aebbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/sessions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/sessions/1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-b3381d3c5fd9d427----1679273923215
traceparent
00-7daf12397449b6a94dd2b25b454cd070-b3381d3c5fd9d427-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6ImIzMzgxZDNjNWZkOWQ0MjciLCJ0ciI6IjdkYWYxMjM5NzQ0OWI2YTk0ZGQyYjI1YjQ1NGNkMDcwIiwidGkiOjE2NzkyNzM5MjMyMTV9fQ==
content-type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa02241e0bbb79-FRA
content-type
text/html; charset=utf-8
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa0225f96abbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/sessions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/sessions/1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-4938930b33454ee6----1679273923217
traceparent
00-26b890f16af95f1ae417c57b0cfdded0-4938930b33454ee6-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6IjQ5Mzg5MzBiMzM0NTRlZTYiLCJ0ciI6IjI2Yjg5MGYxNmFmOTVmMWFlNDE3YzU3YjBjZmRkZWQwIiwidGkiOjE2NzkyNzM5MjMyMTd9fQ==
content-type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa02241e0fbb79-FRA
content-type
text/html; charset=utf-8
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa022518bbbbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/sessions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/sessions/1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-a35e933feacca2e6----1679273923219
traceparent
00-cc32774a24a08c1aa4b98285c67b65f0-a35e933feacca2e6-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6ImEzNWU5MzNmZWFjY2EyZTYiLCJ0ciI6ImNjMzI3NzRhMjRhMDhjMWFhNGI5ODI4NWM2N2I2NWYwIiwidGkiOjE2NzkyNzM5MjMyMTl9fQ==
content-type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa02242e16bb79-FRA
content-type
text/html; charset=utf-8
/
provide-savings.com/api/prepop/xdp/ 		44 B
122 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/prepop/xdp/
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35aa5bec3631eb73738416ad2ab893bce48063c5dedf0b4ff82003220fa631fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-340394cc5ec674e0----1679273923219
traceparent
00-07ff56a0f648669eb334833c24598250-340394cc5ec674e0-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6IjM0MDM5NGNjNWVjNjc0ZTAiLCJ0ciI6IjA3ZmY1NmEwZjY0ODY2OWViMzM0ODMzYzI0NTk4MjUwIiwidGkiOjE2NzkyNzM5MjMyMTl9fQ==
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa02242e17bb79-FRA
content-length
44
content-type
application/json; charset=utf-8
publisher
cep.services.everquote.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
authtoken,content-type
Access-Control-Request-Method
POST
Origin
https://provide-savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Accept,AuthToken
access-control-allow-methods
HEAD,POST
access-control-allow-origin
https://provide-savings.com
cf-cache-status
DYNAMIC
cf-ray
7aaa02242fdcbbfe-FRA
content-length
0
date
Mon, 20 Mar 2023 00:58:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000
publisher
cep.services.everquote.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cep.services.everquote.com/publisher
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

AuthToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
access-control-allow-origin
https://provide-savings.com
cf-ray
7aaa022518c0bbfe-FRA
1b31ae78-b91e-423e-b3af-07e454367aeb
provide-savings.com/api/sessions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/api/sessions/1b31ae78-b91e-423e-b3af-07e454367aeb
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
tracestate
3407446@nr=0-1-3407446-1103125107-89e79a9d3f566ce7----1679273923223
traceparent
00-f99fc82c8ccc1eed4d9df6c4c2a8f920-89e79a9d3f566ce7-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0MDc0NDYiLCJhcCI6IjExMDMxMjUxMDciLCJpZCI6Ijg5ZTc5YTlkM2Y1NjZjZTciLCJ0ciI6ImY5OWZjODJjOGNjYzFlZWQ0ZDlkZjZjNGMyYThmOTIwIiwidGkiOjE2NzkyNzM5MjMyMjN9fQ==
content-type
application/json

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa02242e19bb79-FRA
content-type
text/html; charset=utf-8
/
www.google.com/pagead/1p-user-list/1000357370/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1000357370/?random=1679273922955&cv=11&fst=1679270400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fprovide-savings.com%2F&tiba=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&data=dynx_itemid%3D1b31ae78-b91e-423e-b3af-07e454367aeb%3Btrafficid1%3D0%3Btrafficid2%3D0%3Btrafficid3%3Dprovide-savings.com%3Bdevice%3Ddesktop%3Bdynx_pagetype%3DLanding%3BcompletedForm%3Dfalse%3Bauto_atfault_accidents%3D0%3Bauto_driver_count%3D1%3Bauto_tickets%3D0&fmt=3&is_vtc=1&random=1766316488&rmt_tld=0&ipr=y
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1000357370/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1000357370/?random=1679273922955&cv=11&fst=1679270400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fprovide-savings.com%2F&tiba=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&data=dynx_itemid%3D1b31ae78-b91e-423e-b3af-07e454367aeb%3Btrafficid1%3D0%3Btrafficid2%3D0%3Btrafficid3%3Dprovide-savings.com%3Bdevice%3Ddesktop%3Bdynx_pagetype%3DLanding%3BcompletedForm%3Dfalse%3Bauto_atfault_accidents%3D0%3Bauto_driver_count%3D1%3Bauto_tickets%3D0&fmt=3&is_vtc=1&random=1766316488&rmt_tld=1&ipr=y
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4030807.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4030807.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 20 Mar 2023 00:58:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0F1E29B51F1646E182AE4C7EE56DCC7D Ref B: FRAEDGE2010 Ref C: 2023-03-20T00:58:43Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4030807&Ver=2&mid=7262d0cc-a0ca-4941-9bbd-1a3749c3eb0f&sid=5c408140c6ba11eda5ff5fc97b64cc93&vid=5c40b260c6ba11edbfa34dc52bfab3b8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Auto%20Insurance%20Quotes%20Online,%20Free%20%26%20Fast%20%7C%20EverQuote&p=https%3A%2F%2Fprovide-savings.com%2F&r=&lt=316&evt=pageLoad&sv=1&rn=602182
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 20 Mar 2023 00:58:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 33AF38750C3848089B5B25B4743E7A4D Ref B: FRAEDGE2010 Ref C: 2023-03-20T00:58:43Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.99
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 Mar 2023 00:58:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
G0/72fcgsKoWzxwuz8IJty754I0qrH+LofHD13bjIUd12h/cNMYIgBCVfeh4IaTES+rW5YAqZyjjHEI592hGHQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
373601314474635
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/373601314474635?v=2.9.99&r=stable
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0c5f0789c5fa64c0a781db8fd999ba90b52fb207156e0cadc70e8a9beb05b0b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 Mar 2023 00:58:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Id14G3XeoB780PW69A+y2J2sZFNKXbgUYHH+UoYvO6CazR4qT78mrrE6oA7+HTFS08iCkdumux339iryuoVAFQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame BAD6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=provide-savings.com&origin=onetag
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://provide-savings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 00:58:42 GMT
server
Kestrel
server-processing-duration-in-ticks
677746
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=957437778&t=pageview&_s=1&dl=https%3A%2F%2Fprovide-savings.com%2F&ul=en-us&de=UTF-8&dt=Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=565539410&gjid=870283871&cid=312609484.1679273923&tid=UA-218205978-2&_gid=834804506.1679273923&_r=1&gtm=457e33f0&z=501975933
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provide-savings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-218205978-2&cid=312609484.1679273923&jid=565539410&gjid=870283871&_gid=834804506.1679273923&_u=YADAAUAAAAAAACAAI~&z=1318884793
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 20 Mar 2023 00:58:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provide-savings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
wait-for-quote.js
provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provide-savings.com/_next/static/zQVimI_7AJChGmL1IQi1l/pages/wait-for-quote.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:137d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da2685b956436e6e29b68583ed959f3353d1ca6cad3b8feffee0cb7765745d51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 10:23:42 GMT
server
cloudflare
etag
W/"2042-186da7f4fb0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
7aaa0224eebebb79-FRA
expires
Tue, 19 Mar 2024 00:58:43 GMT
sid
mug.criteo.com/ Frame BAD6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=provide-savings.com&sn=ChromeSyncframe&so=0&topUrl=provide-savings.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5WS363xaVm40UTJQcy9acm11Z21IU3VHUFBZUHk4UEpCeHdKalg5STlnZWgzWXcyZlA3V1ViazlvUHFjdG5qSW9wNExMYnlkT21wbUFpNk93bmdJZTE0ZjB6VERkRnQ2UnZiT2NGSWVYZ3o0SWVkQTdKZzFmdVpWRDk2aD...
441 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5WS363xaVm40UTJQcy9acm11Z21IU3VHUFBZUHk4UEpCeHdKalg5STlnZWgzWXcyZlA3V1ViazlvUHFjdG5qSW9wNExMYnlkT21wbUFpNk93bmdJZTE0ZjB6VERkRnQ2UnZiT2NGSWVYZ3o0SWVkQTdKZzFmdVpWRDk2aDV6eGVlSmlXQ2ZXbGcyODErTFFNMVgxZWJnVXQ1Sno2WFBQQ3pha0lPWG5oSGZIekg1UmNTR0p5ZjJCQ0cwZ09MZ29nazN1cHpXa3JYTThKeUZabW9uY1ZmbnV3aXd4Zi9ObnFzZHk5OTJxbUIrNE1ZSGo5TG1QcWxKK0wzcXRUYzFocVJkaDhscGxReHBuSzZUZXdheEpFbWJaczltRUxKT09RTlcvaVJXM0N1T1dhTlY2Yz18&cppv=2
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
77e69cf612ac1dc1d7ac533493ba2085f9e5643f85d26478e93c397012fab2dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2718068
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=5WS363xaVm40UTJQcy9acm11Z21IU3VHUFBZUHk4UEpCeHdKalg5STlnZWgzWXcyZlA3V1ViazlvUHFjdG5qSW9wNExMYnlkT21wbUFpNk93bmdJZTE0ZjB6VERkRnQ2UnZiT2NGSWVYZ3o0SWVkQTdKZzFmdVpWRDk2aDV6eGVlSmlXQ2ZXbGcyODErTFFNMVgxZWJnVXQ1Sno2WFBQQ3pha0lPWG5oSGZIekg1UmNTR0p5ZjJCQ0cwZ09MZ29nazN1cHpXa3JYTThKeUZabW9uY1ZmbnV3aXd4Zi9ObnFzZHk5OTJxbUIrNE1ZSGo5TG1QcWxKK0wzcXRUYzFocVJkaDhscGxReHBuSzZUZXdheEpFbWJaczltRUxKT09RTlcvaVJXM0N1T1dhTlY2Yz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
583406
content-length
0
expires
0
575748082934561
connect.facebook.net/signals/config/ 		151 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/575748082934561?v=2.9.99&r=stable
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b69609c2112d16e58ddd2e4662390e7bad2df16ea75d08f420cf4f8c51c7f77
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 20 Mar 2023 00:58:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0qk7hPuuyVmdha/pRBWAKGKe4ZOrl6O+eveCLfbP5Bnntw/EWl3WCEDq+zfAW1h4oAouzsUauct3h6eSRhMoHA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=373601314474635&ev=PageView&dl=https%3A%2F%2Fprovide-savings.com%2F&rl=&if=false&ts=1679273923367&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1679273923365.1899484355&it=1679273923239&coo=false&eid=1b31ae78-b91e-423e-b3af-07e454367aeb&tm=1&rqm=GET
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 20 Mar 2023 00:58:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pix
tpx.everquote.com/ Frame E9C6 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpx.everquote.com/pix?oauid=1b31ae78-b91e-423e-b3af-07e454367aeb&tid=0&page=Any&vertical=auto
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa0225cd4568f5-FRA
content-length
42
content-type
image/gif
f
p.everquote.com/ Frame E9C6 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.everquote.com/f?mode=script&event=UXBX21FIH4WRAIV&arrival_id=1b31ae78-b91e-423e-b3af-07e454367aeb&capture=landing&t=0&auid=1b31ae78-b91e-423e-b3af-07e454367aeb&srid=&initiator=
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/javascript;charset=ISO-8859-1
access-control-allow-credentials
true
cf-ray
7aaa0225bd3d68f5-FRA
conversion
ads.everquote.com/gdn/ Frame 1928 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.everquote.com/gdn/conversion?pixel_stage=landing&arrival_tid=0&client=auto&oauid=1b31ae78-b91e-423e-b3af-07e454367aeb&city=Frankfurt%20am%20Main&region=HE
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://provide-savings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7aaa0225ed6d68f5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Mar 2023 00:58:43 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
f
p.everquote.com/ Frame E9C6 		70 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.everquote.com/f?mode=pixel&event=UXBX21FIH4WRAIV&arrival_id=1b31ae78-b91e-423e-b3af-07e454367aeb&capture=landing&t=0&auid=1b31ae78-b91e-423e-b3af-07e454367aeb&srid=&initiator=&time=1679273923479
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/api/pixels/1b31ae78-b91e-423e-b3af-07e454367aeb?previous_page=&current_page=Landing&zip_code=60326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d840af2c50eff9a5241d4b50833a596e6b71af0cee87cf2b3435345f2f7aba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-credentials
true
cf-ray
7aaa0225cd3e68f5-FRA
pixel
flask.nextdoor.com/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flask.nextdoor.com/pixel?pid=c2d6d1ad-f5e6-4186-ae11-ebcb9e99a47d&ev=PAGE_VIEW&pl=https%3A%2F%2Fprovide-savings.com%2F&ndclid=&rf=&sem=&tm=0
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.146.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-146-155.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
context-id
7eb0865c-4eab-460f-a528-fd5d25b97d11
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=575748082934561&ev=PageView&dl=https%3A%2F%2Fprovide-savings.com%2F&rl=&if=false&ts=1679273923585&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&cs_est=true&fbp=fb.1.1679273923365.1899484355&it=1679273923239&coo=false&tm=1&rqm=GET
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 20 Mar 2023 00:58:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=39220&v=5.13.0&p0=e%3Dce%26m%3D%255BEmail%252520Address%255D&p1=e%3Dexd%26site_type%3Dd%26ui_uid%3D1b31ae78-b91e-423e-b3af-07e454367aeb&p2=e%3Dvh&p3=e%3Ddis&adc...
  • https://widget.us.criteo.com/event?a=39220&v=5.13.0&p0=e%3Dce%26m%3D%255BEmail%252520Address%255D&p1=e%3Dexd%26site_type%3Dd%26ui_uid%3D1b31ae78-b91e-423e-b3af-07e454367aeb&p2=e%3Dvh&p3=e%3Ddis&adc...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=39220&v=5.13.0&p0=e%3Dce%26m%3D%255BEmail%252520Address%255D&p1=e%3Dexd%26site_type%3Dd%26ui_uid%3D1b31ae78-b91e-423e-b3af-07e454367aeb&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=jau9uF9KSjRsRXhhS05vV0UzbEJsUXF3bExBWDFZZmVWZWl5OEhuTTF0WWE0dUs5aVdhWWZ5c3NyVW10RHNLcTB1YmJOTTQ1d1VGQ0F4R3loNCUyRnBqVnlVQmN6bDhjM1QxNHRHV3AyRDJhVlFKdFFxeU9BdXYxQzc4YW5va0NScW5ybWdEMmYxbkJaczkzU3NON3RSJTJGNFVBWVl0MjhqejFqUExIeERvZXl6eVV4UWFVJTNE&tld=provide-savings.com&dy=1&fu=https%253A%252F%252Fprovide-savings.com%252F&dtycbr=6956
Requested by
Host: provide-savings.com
URL: https://provide-savings.com/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9711553f3832e36e06756b4a96c64b17f5fb62fbb643f8c55864a4f839e6aa1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
15289789
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.us.criteo.com/event?a=39220&v=5.13.0&p0=e%3Dce%26m%3D%255BEmail%252520Address%255D&p1=e%3Dexd%26site_type%3Dd%26ui_uid%3D1b31ae78-b91e-423e-b3af-07e454367aeb&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=jau9uF9KSjRsRXhhS05vV0UzbEJsUXF3bExBWDFZZmVWZWl5OEhuTTF0WWE0dUs5aVdhWWZ5c3NyVW10RHNLcTB1YmJOTTQ1d1VGQ0F4R3loNCUyRnBqVnlVQmN6bDhjM1QxNHRHV3AyRDJhVlFKdFFxeU9BdXYxQzc4YW5va0NScW5ybWdEMmYxbkJaczkzU3NON3RSJTJGNFVBWVl0MjhqejFqUExIeERvZXl6eVV4UWFVJTNE&tld=provide-savings.com&dy=1&fu=https%253A%252F%252Fprovide-savings.com%252F&dtycbr=6956
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3995041
timing-allow-origin
*
content-length
0
expires
0
nr-spa-1215.min.js
js-agent.newrelic.com/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Mar 2023 00:58:44 GMT
x-amz-request-id
VTN12Q97645SMAGD
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17465
x-amz-id-2
mTg9Wxrt3vMYikqjc9D3ojdbUObjhBaQE3aCMKxZA6HoSKYqlEfHfbOaZBAiQhJVb/3lqI5ETcU=
x-served-by
cache-fra-eddf8230126-FRA
last-modified
Mon, 24 Jan 2022 22:13:54 GMT
server
AmazonS3
x-timer
S1679273924.388588,VS0,VE0
etag
"7e1862f7a390ed9fc02c299216395547"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
159
sync
x.bidswitch.net/ul_cb/ Frame DE4C
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30
Protocol
H2
Server
35.156.220.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-220-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-_h6lskuVW_7H777anLWxKcrOlp9jal0S0JMsIg&expires=30
date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DE4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-UUtMIEuVW_7H777anLWxKcrOlp-RoDKOu4XPqA&google_cm&google_hm=ay1VVXRNSUV1VldfN0g3NzdhbkxXeEtjck9scC1Sb0RLT...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-UUtMIEuVW_7H777anLWxKcrOlp-RoDKOu4XPqA&google_gid=CAESEDHYluYfNONwyHw8tKAxcP4&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-UUtMIEuVW_7H777anLWxKcrOlp-RoDKOu4XPqA&google_gid=CAESEDHYluYfNONwyHw8tKAxcP4&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1465566
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-UUtMIEuVW_7H777anLWxKcrOlp-RoDKOu4XPqA&google_gid=CAESEDHYluYfNONwyHw8tKAxcP4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DE4C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2506712247662277737
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2506712247662277737
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2780015
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 20 Mar 2023 00:58:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
47f30f2c-1c01-4fec-8a1f-f5e16771fae9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2506712247662277737
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame DE4C
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-92ybu0uVW_7H777anLWxKcrOlp_belTBdP5grA
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-92ybu0uVW_7H777anLWxKcrOlp_belTBdP5grA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-92ybu0uVW_7H777anLWxKcrOlp_belTBdP5grA
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 00:58:44 GMT
AN-X-Request-Uuid
41a8ade1-9bc5-4d1a-ac4b-d83307879a2b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 00:58:44 GMT
AN-X-Request-Uuid
53177516-0b92-441e-b448-0eb4ed3c1fdb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-92ybu0uVW_7H777anLWxKcrOlp_belTBdP5grA
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame DE4C 		237 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-8PYoqUuVW_7H777anLWxKcrOlp-XF0WG741mUA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 20 Mar 2023 00:58:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Mon, 20 Mar 2023 00:58:44 GMT
tap.php
pixel.rubiconproject.com/ Frame DE4C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-b9kkakuVW_7H777anLWxKcrOlp_uBXxhSTcZeQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame DE4C 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-6sGERUuVW_7H777anLWxKcrOlp9_xai8AKOAnA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.0.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-0-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
/
rtb-csync.smartadserver.com/redir/ Frame DE4C 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Q1hnjkuVW_7H777anLWxKcrOlp-uuDgGCUCvgg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:43 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DE4C 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Lxe6mUuVW_7H777anLWxKcrOlp8VL9oH1j51gg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12495
um
criteo-sync.teads.tv/ Frame DE4C 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-vRVrmEuVW_7H777anLWxKcrOlp8X1VuaMAfLbw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Mon, 20 Mar 2023 00:58:44 GMT
pragma
no-cache
date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame DE4C 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-ySZ0ukuVW_7H777anLWxKcrOlp-3p3innijHCA&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame DE4C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-AS7VekuVW_7H777anLWxKcrOlp8NbUEskQlBgg
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-AS7VekuVW_7H777anLWxKcrOlp8NbUEskQlBgg&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-AS7VekuVW_7H777anLWxKcrOlp8NbUEskQlBgg&verify=true
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-AS7VekuVW_7H777anLWxKcrOlp8NbUEskQlBgg&verify=true
date
Mon, 20 Mar 2023 00:58:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame DE4C 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-f_bCQ0uVW_7H777anLWxKcrOlp_gYj-pkeQuvw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
last-modified
Tue, 22 May 2018 11:52:57 GMT
server
nginx
accept-ranges
bytes
etag
"5b040499-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame DE4C 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-z-kC8UuVW_7H777anLWxKcrOlp98OdvptXE9WA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:44 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
rum
r.casalemedia.com/ Frame DE4C
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XuXrQEuVW_7H777anLWxKcrOlp-5M707L_j_Kw
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XuXrQEuVW_7H777anLWxKcrOlp-5M707L_j_Kw&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XuXrQEuVW_7H777anLWxKcrOlp-5M707L_j_Kw&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 00:58:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 00:58:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-XuXrQEuVW_7H777anLWxKcrOlp-5M707L_j_Kw&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
demconf.jpg
dpm.demdex.net/ Frame DE4C
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=l3M07nJrzi7LX5gyXXnFVdZSvQBQNHGN
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=l3M07nJrzi7LX5gyXXnFVdZSvQBQNHGN
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=l3M07nJrzi7LX5gyXXnFVdZSvQBQNHGN
Protocol
HTTP/1.1
Server
34.255.91.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-91-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0725af682.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2NYxLiX8SY4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-097336e4c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ugivvKsEQM0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=l3M07nJrzi7LX5gyXXnFVdZSvQBQNHGN
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame DE4C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-xU5Z_EuVW_7H777anLWxKcrOlp-vCdQ47ioL1w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 20 Mar 2023 00:58:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ul_cb/ Frame DE4C
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9mkYpUuVW_7H777anLWxKcrOlp-NvhbkvIV4ZQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9mkYpUuVW_7H777anLWxKcrOlp-NvhbkvIV4ZQ
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9mkYpUuVW_7H777anLWxKcrOlp-NvhbkvIV4ZQ
Protocol
H2
Server
54.76.11.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-11-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Mar 2023 00:58:44 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9mkYpUuVW_7H777anLWxKcrOlp-NvhbkvIV4ZQ
date
Mon, 20 Mar 2023 00:58:44 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame DE4C 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-lnzWhEuVW_7H777anLWxKcrOlp_Hu1tK8XoiBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame DE4C 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-xxqVH0uVW_7H777anLWxKcrOlp_BRzX6eg8_PQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.173.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-173-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame DE4C 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-12-qmkuVW_7H777anLWxKcrOlp88NFApmX5ucg&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 00:58:44 GMT
Cache-Control
no-cache
X-TraceId
5407e55972beb3d3987a10baf5f28f2e
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DE4C 		42 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CoUyJUuVW_7H777anLWxKcrOlp_CBct5NMRwoA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame DE4C 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-lIY6A0uVW_7H777anLWxKcrOlp-8WdbIWURZsg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:df20:c9e3:cf31:1af2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 20 Mar 2023 00:58:44 GMT
server
Apache-Coyote/1.1
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame DE4C 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-f4cN2kuVW_7H777anLWxKcrOlp_Qe3Nmwd6A4Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Mar 2023 00:58:44 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame DE4C 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-6oyVI0uVW_7H777anLWxKcrOlp_Fj0Q0xXrm9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Mar 2023 00:58:44 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 19 Mar 2023 00:58:44 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame DE4C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-MM9jaUuVW_7H777anLWxKcrOlp8lXquPplXU9Q&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.242.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-242-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 00:58:44 GMT
content-length
0
NRJS-da3df77ac4540f563fe
bam.nr-data.net/1/ 		49 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-da3df77ac4540f563fe?a=1103125107&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=1900&ck=1&ref=https://provide-savings.com/&be=398&fe=1865&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679273922499,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:14,%22c%22:14,%22s%22:21,%22ce%22:37,%22rq%22:38,%22rp%22:216,%22rpe%22:242,%22dl%22:218,%22di%22:316,%22ds%22:316,%22de%22:316,%22dc%22:1865,%22l%22:1865,%22le%22:1873%7D,%22navigation%22:%7B%7D%7D&fp=327&fcp=327&jsonp=NREUM.setToken
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 20 Mar 2023 00:58:45 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7aaa022ccb3d2c56-FRA
usermatch.gif
beacon.krxd.net/ Frame DE4C
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dnTHop7KMDtVJEHTGOzDxmWnMX87c3Od
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dnTHop7KMDtVJEHTGOzDxmWnMX87c3Od
Protocol
H2
Server
54.72.113.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by
beacon-n010-dub-prod.krxd.net
date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1679273924
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dnTHop7KMDtVJEHTGOzDxmWnMX87c3Od
date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1127683
content-length
0
cs
s.thebrighttag.com/ Frame DE4C
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jqZTI0EtBnRPcX0yabYUHcu578G7yGQy
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jqZTI0EtBnRPcX0yabYUHcu578G7yGQy
Protocol
H2
Server
3.12.8.145 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-8-145.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 00:58:45 GMT
x-bt-requestid
5d63c631-c6ba-11ed-a4e4-0000ac17024f
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jqZTI0EtBnRPcX0yabYUHcu578G7yGQy
date
Mon, 20 Mar 2023 00:58:44 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1223726
content-length
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=373601314474635&ev=Microdata&dl=https%3A%2F%2Fprovide-savings.com%2F&rl=&if=false&ts=1679273924870&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Auto%20Insurance%20Quotes%20Online%2C%20Free%20%26%20Fast%20%7C%20EverQuote%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1679273923365.1899484355&it=1679273923239&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provide-savings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 20 Mar 2023 00:58:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
NRJS-da3df77ac4540f563fe
bam.nr-data.net/events/1/ 		24 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-da3df77ac4540f563fe?a=1103125107&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=2718&ck=1&ref=https://provide-savings.com/
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 20 Mar 2023 00:58:45 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://provide-savings.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7aaa0230adb22c56-FRA
Content-Length
24
/
bubastis-prom-aggregation-gateway.services.everquote.com/metrics/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bubastis-prom-aggregation-gateway.services.everquote.com/metrics/
Requested by
Host: consumer-assets.everquote.com
URL: https://consumer-assets.everquote.com/static-assets/scripts/newrelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://provide-savings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 20 Mar 2023 00:58:48 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7aaa02421955bbfe-FRA
content-length
0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless number| docParseStart object| gtmDataLayer object| xdoo object| visitorMappings function| recordXdp object| google_tag_manager object| dataLayer object| google_optimize function| gtag object| __tti object| __NEXT_DATA__ function| __NEXT_REGISTER_PAGE object| webpackJsonp object| google_tag_data object| GooglebQhCsO object| NREUM object| newrelic function| __nr_require function| onYouTubeIframeAPIReady object| gaGlobal function| fbq function| _fbq object| _fbq_gtm_ids object| uetq function| ndp object| __core-js_shared__ function| _ object| mtrx object| next object| scCGSHMRCache object| __NEXT_REDUX_STORE__ boolean| recordedTimeToMount string| GoogleAnalyticsObject function| ga function| UET function| UET_init function| UET_push object| ueto_3c6c40be00 object| Criteo object| criteo_q string| deviceType object| gaplugins object| gaData

51 Cookies

Domain/Path Name / Value
.provide-savings.com/ Name: visitor.uuid
Value: 1a05203e-fa03-467e-af71-7f8eca922dee
.provide-savings.com/ Name: session.uuid
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMWIzMWFlNzgtYjkxZS00MjNlLWIzYWYtMDdlNDU0MzY3YWViIn0.j_9lmVnmYLm6XPcZaNiqFE59M2uwxcgQTCbQKiDlSr0
.provide-savings.com/ Name: _gcl_au
Value: 1.1.2113973500.1679273923
.provide-savings.com/ Name: _ga_JMN8P5NC9M
Value: GS1.1.1679273922.1.0.1679273922.60.0.0
.opt-out-service.services.everquote.com/ Name: xdooToken
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiNWMwZGE2NTQtYzZiYS0xMWVkLWI3MTYtOGVhZGYxMmFhOWY3In0.FcmR3KLmq-SACPmJ7BIiWNoIAF_bcP2i8XcJOt8a7W0
.doubleclick.net/ Name: IDE
Value: AHWqTUlvd-lvNwVdqTOWHgSNPxg-8jYQjW8LTSsbZnw4m3DlSLuU_d5ZruvEk9V9
.provide-savings.com/ Name: _uetsid
Value: 5c408140c6ba11eda5ff5fc97b64cc93
.provide-savings.com/ Name: _uetvid
Value: 5c40b260c6ba11edbfa34dc52bfab3b8
.provide-savings.com/ Name: _ga
Value: GA1.2.312609484.1679273923
.provide-savings.com/ Name: _gid
Value: GA1.2.834804506.1679273923
.provide-savings.com/ Name: _gat_gtag_UA_218205978_2
Value: 1
.bing.com/ Name: MUID
Value: 13852A6A819B649D2EBB38B080496519
.criteo.com/ Name: uid
Value: 62aac320-57ee-448b-a55c-53747236a430
.provide-savings.com/ Name: _fbp
Value: fb.1.1679273923365.1899484355
.provide-savings.com/ Name: cto_bundle
Value: jau9uF9KSjRsRXhhS05vV0UzbEJsUXF3bExBWDFZZmVWZWl5OEhuTTF0WWE0dUs5aVdhWWZ5c3NyVW10RHNLcTB1YmJOTTQ1d1VGQ0F4R3loNCUyRnBqVnlVQmN6bDhjM1QxNHRHV3AyRDJhVlFKdFFxeU9BdXYxQzc4YW5va0NScW5ybWdEMmYxbkJaczkzU3NON3RSJTJGNFVBWVl0MjhqejFqUExIeERvZXl6eVV4UWFVJTNE
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2Hb7N.$_I!@wnfH1YdP.dEXlSkeH8@40c$>e>+oHxm'SHT!9^)73]lBndQY(B/5Y)F88mD'*Id0zj<Lben6g%nugO%v4VB%np1u+W_:T
.adnxs.com/ Name: uuid2
Value: 341163471779468440
.media.net/ Name: visitor-id
Value: 3222755248884012000V10
.media.net/ Name: data-c-ts
Value: 1679273924
.media.net/ Name: data-c
Value: k-8PYoqUuVW_7H777anLWxKcrOlp-XF0WG741mUA~~3
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.bidswitch.net/ Name: tuuid
Value: fbaa338e-22c2-4329-9fa9-95e011e312df
.bidswitch.net/ Name: c
Value: 1679273924
.bidswitch.net/ Name: tuuid_lu
Value: 1679273924
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%225d06d920-c6ba-11ed-be6b-2d76074623bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%225d06d920-c6ba-11ed-be6b-2d76074623bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%225d06d920-c6ba-11ed-be6b-2d76074623bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%225d06d920-c6ba-11ed-be6b-2d76074623bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-xxqVH0uVW_7H777anLWxKcrOlp_BRzX6eg8_PQ%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: ZBevxHV110yiNYIoSQh8BwAA
.casalemedia.com/ Name: CMPS
Value: 5190
.casalemedia.com/ Name: CMPRO
Value: 5190
.yahoo.com/ Name: A3
Value: d=AQABBMSvF2QCEBjGVzOExJXiF0jr3Z_-voEFEgEBAQEBGWQhZAAAAAAA_eMAAA&S=AQAAAjtdzIs7k5rK2H0_7Rg9AIw
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~2am0
.demdex.net/ Name: demdex
Value: 75484372458314334501061535142073506652
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-CoUyJUuVW_7H777anLWxKcrOlp_CBct5NMRwoA&KRTB&23144-uid:k-CoUyJUuVW_7H777anLWxKcrOlp_CBct5NMRwoA&KRTB&23286-uid:k-CoUyJUuVW_7H777anLWxKcrOlp_CBct5NMRwoA&KRTB&23287-uid:k-CoUyJUuVW_7H777anLWxKcrOlp_CBct5NMRwoA
.pubmatic.com/ Name: PugT
Value: 1679273924
.360yield.com/ Name: tuuid
Value: 8d94548f-399a-4300-aa60-96b2405c7892
.360yield.com/ Name: tuuid_lu
Value: 1679273924
.dpm.demdex.net/ Name: dpm
Value: 75484372458314334501061535142073506652
.360yield.com/ Name: um
Value: !38,hXuo3kpyz6rUduqHXCYvlAIJQ8UrOzgGwzqfgsASztq4YPrKCMqR3WUdlq937pa6yQKj9lxu,1687049924
.360yield.com/ Name: umeh
Value: !38,0,1741481924,-1
.krxd.net/ Name: _kuid_
Value: PceUGWf8
.tremorhub.com/ Name: tvid
Value: b0848bbbe2a84d4b8257c342d922acdd
.tremorhub.com/ Name: tv_UICR
Value: k-lIY6A0uVW_7H777anLWxKcrOlp-8WdbIWURZsg
.nr-data.net/ Name: JSESSIONID
Value: d82279f2e3229cbb

4 Console Messages

Source Level URL
Text
network error URL: https://provide-savings.com/api/zip_codes/?zip_code=60326
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://provide-savings.com/api/prepop/xdp/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://ads.everquote.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
ads.everquote.com
ads.nextdoor.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bubastis-prom-aggregation-gateway.services.everquote.com
cep.services.everquote.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
consumer-assets.everquote.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
js-agent.newrelic.com
match.sharethrough.com
matching.ivitrack.com
maxcdn.bootstrapcdn.com
mug.criteo.com
opt-out-service.services.everquote.com
p.everquote.com
pixel.rubiconproject.com
provide-savings.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tpx.everquote.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
104.111.217.42
104.79.88.129
13.248.245.213
141.226.228.48
142.250.185.194
151.101.2.137
162.19.138.119
162.247.241.14
178.250.0.157
178.250.0.163
18.195.173.152
185.255.84.153
185.64.190.80
185.80.39.216
185.86.138.152
185.89.210.90
185.89.211.116
2001:4860:4802:32::178
2001:4860:4802:34::36
23.45.237.121
2600:1f18:612b:4200:df20:c9e3:cf31:1af2
2606:4700::6812:137d
2606:4700::6812:1c44
2606:4700::6812:1d44
2606:4700::6812:acf
2606:4700::6813:f81e
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:2638::14
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.12.8.145
3.67.0.77
3.71.149.231
34.117.157.22
34.255.91.107
35.156.220.94
37.157.6.245
52.40.146.155
54.72.113.247
54.76.11.91
63.32.242.157
69.173.144.165
70.42.32.95
74.119.119.150
85.215.5.31
0409b0c26dcd12142919e8bd6a403d4f55b3445f2e9346b2401230b1b1c2cf9b
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0c96c28275124d83661d8ee174481cc2effad2702cd20cfe63fa497c1c5a3056
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
111c52153297ba807b8463b4041bd56cf175fae7254266e949ab6881d717c0bc
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
12f2246381eab88cb7a416daf031e6097a0e5ad571a5635a1e7cabaaec1cd00c
1482460b62f77b38261d91c68ccbdbedf0daa93da81da108ce6f361802e8bda6
18d6168808aef8ec04092413a7803bbbab133aabd72b6c27b2fab9d30b785b4c
18d840af2c50eff9a5241d4b50833a596e6b71af0cee87cf2b3435345f2f7aba
2643706261fd97a2c692da484d7e8740ab90fc60ea808dc5f510d43099f18a49
26ce86666e24e4078a6b5bff6e86876cc005f5132abbf320712b399c12bd2825
320a7c404199e093522579ed5bec03e142179f0a04bbdc1b466b965c74383ec2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35aa5bec3631eb73738416ad2ab893bce48063c5dedf0b4ff82003220fa631fb
37ef8624dc540e59c6759de93e926aef623dfe9c4965daa2900d9574b382cb1b
3f7fe1f0de4f84b34de572548ddad84479e55a0f891dd8a34c7096a81530c398
40adc6413cbd894020def935e8203af971a389acbf8ee62dd449eb42d06108cf
4726b38a436a92a97ea0a590677935d81423a1db6178137c0936183737002c77
49373ed0b4e23a3be036fe3308cf6fa92f958ec8a8ad730b17917e40e3df442a
4a64d229a37110288c80759cd72f1f4bf80af4f99e4e9b75f7d55310f691b57f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55521d2694d01f76faeecc943ba5481dd6bf2aae7cf3e6969527e4a08e8f5bba
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6b69609c2112d16e58ddd2e4662390e7bad2df16ea75d08f420cf4f8c51c7f77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77e69cf612ac1dc1d7ac533493ba2085f9e5643f85d26478e93c397012fab2dd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b8081841db1b31d7c56ef8e8e3a422ca3c340039757f4c6622b69b67db8cee
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e9a573c12a40420566055f5473212c62dc7f4f938a59fed11f3eaab7e2aa3c3
92155f778d28f0ee6cf57cc80707c08979a4e14424db1c91003b6d0cd2745769
96303fcc34be5d01c2fb5f83c28de84e878809c4cc6bdc83514b26de63453efd
9711553f3832e36e06756b4a96c64b17f5fb62fbb643f8c55864a4f839e6aa1d
a029ab01a4de0ca7310e136555e9d2ab8c284498237ce4468ec76691c64c0dd0
a039606f0ca9791e69653056672255cf8325baf0585fc30b2ca63b94e728d2a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a5fb64e14a229f84fba7a2c13b7c0b889ecb7c11406b5a13a02cb4f34efcee90
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56a6a06b5401f6392ff61a10014dc1dcc8a6d8dcdec6406da2b5d611e9ae156
b9d1bc8eb35f5cdcbba1163b6e195a6aedc332a687e6f63292a1b0852a1b3cb0
baf143f303c3fc68330dff7f760f4f545216d06fa60cc432b685c98518ba4cec
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4d44de64b672700bb610ce4c9bc88afb10f567ff23999f8eb26af6575ca81b4
c52cb04d2a5164f92012244a854fc7eca972f7f60be5063488d3b3ac05cdc99d
c6e97ce6d29bf59a45a603941a583b98653162d4ed95cb706b12544b9f58d090
c7c1a04323f042ce9a928979f5351667aeba6d5f6ea20e1fefe78e1ccc1b074a
cfc76b19d48b4fefebc0e3eefae052e1654241e542322655c57b9d77eb860f37
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4287263d2497d2db5364b0981292eb8492eab08f8d2a1d7b9ccb2df5a02a2b4
da2685b956436e6e29b68583ed959f3353d1ca6cad3b8feffee0cb7765745d51
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0c5f0789c5fa64c0a781db8fd999ba90b52fb207156e0cadc70e8a9beb05b0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4926dca0e837a829e40b93f7fa7e0102ec64d2b6124152fe5e2ce59743d889b
e697cadb19785c0e918741b9c913362409cae44767e2bf4ba33a66ad8322a660
ed120ba99bbd01f0f964168df7ff7cc94bcae99138ecd2f1d01afd51100a2b01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f90d44af1ba18c207f8254404de1bb6f80d4f2869215fc5eb34ad4d67b2883c5
fe33e7d150a0d825321e84eac122ee43cef7d7b070882760ea4552e3c9ee519f