| www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b | 104.21.86.242 | 302 Found | 208 B |
URL HTTP/1.1www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b IP104.21.86.242:0
File typeHTML document, ASCII text Hash4a801ccdf3cff09d02718033c727d0ac d9c935e0676cd6f2d451ee9d6a6fef04c469f170 ecc49d6d262731ac5205f23036222a44db9483b652e7a3fba4686d0f3cab2671
GET /BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b HTTP/1.1
Host: www.zalkkweet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 09:39:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
accept-ch: Sec-Ch-Ua-Platform-Version
location: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
set-cookie: uniqueClick_GDPPSNP=73d2c008-35c5-41ec-a4d9-d7deb8dffc3b:1680255556; Path=/; Expires=Sun, 30 Apr 2023 09:39:16 GMT; SameSite=None
transaction_id=362602c2b6144ae9af4d147dd1eb2196; Path=/; Expires=Thu, 29 Jun 2023 09:39:16 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 09b5e608-961a-4265-bffc-165a72bf4653
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvfyag7Vjt4oaqbwLSkjIv74tR2seOr5hc4kXUKZbI6I%2BNECHEOVs7Q3xfRqB2GESDn%2BvFXqPvUKXMc5hLBJiQmz20tJeVjfmV6CWyCqbGjrmu2AdCksAgdqUDr4Oa0adCWO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b079fc9bbabb527-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 09:28:23 GMT
content-type: application/json
age: 654
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lsBpCzHlvoRHmRsqbX57jJhaDz4EovCoJt/TeJTTC+UWEm6dgQJ2ffUGpI9/yFFe6bZfVBzLqHU=
x-amz-request-id: 20KBP4WNEE9S6439
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 09:03:17 GMT
age: 2160
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:39:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 09:14:39 GMT
age: 1478
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.189.54.42 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.189.54.42:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kPqaiTGb6AFD7vEk2DeBpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Udo2cW1Ce4YUxeGUpVACP2qC4Sc=
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash211d737362f7cbcd8c77cee7d29fa2f5 668d1d80c88082928c6ca01fbf1ccbfcd079f64f 05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:59:56 GMT
age: 18596
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashef54a1ed997cc09495edb102ccdf6803 f5637efb37b5eecff77e60e6bcf5f599991f334f fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:47:32 GMT
age: 10307
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1688ae550e5e9181de2448a9cade8a26 a46eb0cd75f46778dc802b648f7c391ce801c700 e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: aad4ce89-7ff3-484a-b644-ecda89a2ff16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVW5EPJoAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260292-41fb44737ee678bc7c93b7ff;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:43:46 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: aCuRurszjWr-BePwsnPfCqMpfO2GaREtRvvFGiiywmfsuAGFRRK9sQ==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:20:16 GMT
age: 4743
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8a2b8f737604b7983cf686c82599dc73 aa63be93c4cd641f09ce0d5144ef60aab21caed1 78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 42716
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashda174e6ccc9451c5071ba10eeb97f6f6 c38827a9ac1218768839877263e1f2984fbdc454 76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 00:11:32 GMT
age: 34067
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha3b5eaa5d578299f8a506df71865d4d5 99fc13dea248dd6316e4abe545c80ad9df9bc1cd 30baa165074984ba7de6fc42cd1959d63c3f17c8f5b7cfabd68511136ff9e4ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10323
x-amzn-requestid: 5851fc9d-f75e-4237-87de-45b881d1d553
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnJEb4IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260160-2003d3df2d802faa74ca5096;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 28pB4vd4QIm-Q7aEpaoOVhSU5Tw7HiZfViMfqJ_Jk4Z2KtoDOcaOrg==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:59:58 GMT
age: 41961
etag: "99fc13dea248dd6316e4abe545c80ad9df9bc1cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash7117d0725779b203269d6c54c3ccedcf 24f4e806fd15c39484288a88c67117c918ce0829 ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:39:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash7117d0725779b203269d6c54c3ccedcf 24f4e806fd15c39484288a88c67117c918ce0829 ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:39:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| autoinsureconnect.com/css/frontend/custom.css | 20.69.117.1 | 200 OK | 413 B |
URL HTTP/2autoinsureconnect.com/css/frontend/custom.css IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hasha24e874f8b5342760d39269287386de1 a0e229b0f8ea4f6d7591435736a1cf36c09fc261 ca1b39184cbe3b7cc53c8de16c49bb3acb80e32127ad2d8a732211b174e4dbd9
GET /css/frontend/custom.css HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: text/css
content-length: 413
last-modified: Tue, 15 Feb 2022 14:29:26 GMT
etag: "620bb8c6-19d"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/logos/aic.png | 20.69.117.1 | 200 OK | 11 kB |
URL HTTP/2autoinsureconnect.com/logos/aic.png IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 357 x 58, 8-bit/color RGBA, non-interlaced\012- data Hasha1e23a6bdb00c86989e7ccb9eda4499c 495ad4fe6bcac44d36ab2b06d2322450f3dfd910 693acc3b63f9243ae4c93d346f3be0a63f1f46b4b812a12056a25e67a17d7c71
GET /logos/aic.png HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: image/png
content-length: 10799
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: "626f793d-2a2f"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/js/generic_calls.js | 20.69.117.1 | 200 OK | 310 B |
URL HTTP/2autoinsureconnect.com/js/generic_calls.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash348b1a0211b3261fdad2d18d2133c251 5b1aa9f7b645815119917e6924abc6d42f7d5f6e 3b81feaf7885d0f1b7ad3ed370d6eecec6edc36b946a80aba83fdb3a4ce0fabc
GET /js/generic_calls.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 310
last-modified: Thu, 08 Dec 2022 11:22:24 GMT
etag: "6391c8f0-136"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hashecd05e7682c48a6f2125327c38d3574f 0c13369d1a3875be37469e0a7d2998e16b355464 5f47df4197ef2e6c446ac3a3d54ac19060a41e5bccd6c9111311b71b01241f10
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93692
Date: Fri, 31 Mar 2023 09:39:21 GMT
Etag: "642564cd-1d7"
Expires: Sat, 01 Apr 2023 11:40:53 GMT
Last-Modified: Thu, 30 Mar 2023 10:30:37 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pIHpUhrNambbi2QA4SkDblzIzbsdLVa1dnY6k-fJehDm3oXB4P6-pw==
Age: 4216
|
|
| autoinsureconnect.com/landing/Auto/aic/images/zipcode.png | 20.69.117.1 | 200 OK | 1.4 kB |
URL HTTP/2autoinsureconnect.com/landing/Auto/aic/images/zipcode.png IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 356 x 52, 8-bit/color RGBA, non-interlaced\012- data Hashaecc2d731480cacdc280628dbd80a3bc 4e71b149160fa043f7a497a9d74ec54b4e6ddab3 be1bf1d01c105c65ac4ecc85381a0a637fbed24ab321001fcad6342208d45d2e
GET /landing/Auto/aic/images/zipcode.png HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:21 GMT
content-type: image/png
content-length: 1437
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: "626f793d-59d"
expires: Mon, 25 Mar 2024 09:39:21 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/landing/Auto/aic/images/btn_n.png | 20.69.117.1 | 200 OK | 14 kB |
URL HTTP/2autoinsureconnect.com/landing/Auto/aic/images/btn_n.png IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 296 x 60, 8-bit/color RGBA, non-interlaced\012- data Hashef4d3fa6b1d6c570600b9222c7479a4c d52a399c5b9432440e00e99f125baf10eaf97ff2 16d51e3866be2ce1a563ee5fc3169cb353656be83488ab6355a1c140afe14e02
GET /landing/Auto/aic/images/btn_n.png HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:21 GMT
content-type: image/png
content-length: 14226
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: "626f793d-3792"
expires: Mon, 25 Mar 2024 09:39:21 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/js/validation.js | 20.69.117.1 | 200 OK | 2.3 kB |
URL HTTP/2autoinsureconnect.com/js/validation.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hasha5e741dd403a17281f249bfb33646a06 32ef65d6bfebea30a16f9b61b1bac2eeb85248b3 a318cea68e6377af0b845ff5e9006830ba5ca92c028338de9560dcdff9aac442
GET /js/validation.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 13 Jan 2022 09:58:40 GMT
etag: W/"61dff7d0-2f7b"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hash2861dcb4dcae0f11fed6021eefcb116e 7b303aaf4248c057fdbd5daa03c27052e33fed22 fb61f93ac93296dd47504278c4dfdd053a5c482d5b347d30545ff1bb0df318b6
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167755
Date: Fri, 31 Mar 2023 09:39:21 GMT
Etag: "642687f2-1d7"
Expires: Sun, 02 Apr 2023 08:15:16 GMT
Last-Modified: Fri, 31 Mar 2023 07:12:50 GMT
Server: ECAcc (bsa/EAF6)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ngqGB0DYm5moB1-gPzckCf_CFFz0fix1YK22jFrkvrU610wpQ7VSSw==
Age: 3746
|
|
| autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js | 20.69.117.1 | 200 OK | 30 kB |
URL HTTP/2autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash3984a3337294bc20778b1b5d25991585 9369de1a4eb02d689bcf743fe7b62af9dfc63035 5ed486609433f8e4e429e73ca86c17bbda1df83088792f1fc72ef8ce9715b948
GET /js/frontend/jquery-2.2.3.min.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Aug 2021 13:58:34 GMT
etag: W/"6128ef8a-14e9a"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hash8117ff93449b2507eeb4c9881aacd6db afd407b7ab7aa76d374e146a9ba9df7304f0d9ab a416c796986e917ba3d9e9e9b52610a3f57e6d1144bf43e7070d7a88c4046854
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 09:39:21 GMT
Last-Modified: Fri, 31 Mar 2023 08:04:00 GMT
Server: ECAcc (nya/79F3)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V29z_hz2xrEMv0SeNZm0SPM8WnPPq6uVpZEqwnyrsx8B_DsN9wilLQ==
Age: 5721
|
|
| autoinsureconnect.com/favicon.ico | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/favicon.ico IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:21 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 07 Jun 2021 13:18:53 GMT
etag: "60be1cbd-0"
expires: Mon, 25 Mar 2024 09:39:21 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hashb2595847b4b5ca7c8bfc690c5911b584 1e3792813466972917ff6967d0214971f8efce26 b8e168c47e30fd9e1e28301c88d84704a6ea061b3469e7a0f7595cb1124988d7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125863
Date: Fri, 31 Mar 2023 09:39:22 GMT
Etag: "6425e799-1d7"
Expires: Sat, 01 Apr 2023 20:37:05 GMT
Last-Modified: Thu, 30 Mar 2023 19:48:41 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rRZyxrVI_J-Pu15RGoPiofiPe78b7OEZQPAve00SaTE4uGqO55frDA==
Age: 2905
|
|
| d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA | 54.230.245.142 | 200 OK | 1.4 kB |
URL HTTP/1.1d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA IP54.230.245.142:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hashef825b8a88a51cd76a51d08dfc1d4f99 5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b 2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1
GET /iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 23:14:37 GMT
ETag: W/"641b3057-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WBu_eBSqsQa6sgVTrL8AJUJ2swWRKT9lqfyV_Th48VSuEp5SmeH-zw==
Age: 37485
|
|
| api.trustedform.com/certs | 44.214.250.22 | 201 Created | 475 B |
URL HTTP/2api.trustedform.com/certs IP44.214.250.22:0
File typeJSON data\012- , ASCII text, with very long lines (475), with no line terminators Hash3fde2e9b373dab9f3a5451f6662db136 ca86f21b9df6a87020d403e50bb5bb6e495c74a7 f8e612b611ff79e17d424659ef1b89191a033b8ef5e02e4f1c087e4c3373946a
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
|
|
| create.leadid.com/2.11.9/SaveDom?msn=2&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835468 | 3.216.107.174 | 200 OK | 20 B |
URL HTTP/2create.leadid.com/2.11.9/SaveDom?msn=2&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835468 IP3.216.107.174:0
Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /2.11.9/SaveDom?msn=2&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835468 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguserid=1b4b454d-bc77-4b18-ab0d-8cbf0f0456d4; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/js/form_validation.js | 20.69.117.1 | 200 OK | 43 kB |
URL HTTP/2autoinsureconnect.com/js/form_validation.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeUnicode text, UTF-8 text, with very long lines (32003) Hash49f18e17b228c61dfcff4b6ab92c435a 9314e4e59b1b22ecd2d0b5617cb000b2ff2cc48b 44fe7752353295809f29426e0a31baa0c260cea1b71703bddec1a44b089b4baf
GET /js/form_validation.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 18 Oct 2022 05:18:32 GMT
etag: W/"634e3728-63b"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hashb4b81648f73d1361e77f09e63be132ce 6319ea2b4175fa96d68bb53e04ed41493a2ab788 679e2e28a9c07e5c04c65dfbc44e1921043f3b5be342e9202e0373f4bb774ff8
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 09:39:22 GMT
Etag: "6425b7e8-1d7"
Last-Modified: Fri, 31 Mar 2023 08:33:17 GMT
Server: ECAcc (dcb/7FC0)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CruWyUUQYNj0LUf93r6Awoy7bo_zXDBDYdU7EHF9woVwOwgQs49z9Q==
Age: 3966
|
|
| api.trustedform.com/certs/728ae70b903e9717540b0a1fadb4d8644847017e/events | 44.214.250.22 | 204 No Content | 0 B |
URL HTTP/2api.trustedform.com/certs/728ae70b903e9717540b0a1fadb4d8644847017e/events IP44.214.250.22:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/728ae70b903e9717540b0a1fadb4d8644847017e/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 222
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:39:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/update-anura-status | 20.69.117.1 | 204 No Content | 0 B |
URL HTTP/2autoinsureconnect.com/update-anura-status IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /update-anura-status HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: B6nZjU9ZE8ozedqCGgNX9niz4flscUFsdxwnQz8K
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:39:23 GMT
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlZOV1crN1lLUkV3ZHo3b3M2Y1NPRFE9PSIsInZhbHVlIjoiMVZ2OGkrMkN0YnpnR3VDU1B0WHNnYm0wQS9DdzlNbGw3Snh1QUtGaWRZYlVoaStlMlYvTS9GVWQ1MnlwdXJXN3Z0S2w1Unc1eU0weEw3NFRWMzRmSHRMQ2E5TVpZUnVmSmhwc21EVXNYTTVjYTFBcE1FbE9XclNoY2doNXR1cGciLCJtYWMiOiJmNWIzYjgyOGI2NDBkNzQ5MzViOTVjOTVkZjdmMDdhM2MwZWY5YjIzNWM1YjBiYjFlMDEyYmZmNTI4ZGVjMjkzIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:23 GMT; Max-Age=864000; path=/; samesite=lax
admin_panel_session=eyJpdiI6Im44S2kySmpOZkhQMkJuVFpHSUFzcWc9PSIsInZhbHVlIjoieXhOZ2dDcnlwblJrZmJLb29Oa2xjcjVBaG1mclFRcElMV1h1V1Q3THZ3RmUyZXdnOVR0bnUxS01PaE9jT01MUHREcWFOZzFvd0FrTHgwMXBwSUNnWnVQZ2E1R2NPNS9aaFVmWVM4K3JjSDlhcVB6YkRudlhEOXVaYkdUMVBnZm4iLCJtYWMiOiIyZGY0NDRkOTMwMTQzMzNhNjRlN2NlNjkxYjI2Yzk4MDFiYTRkYmE5NGIyZTY1NzFmMjNmOWE5ZGIyNGVlY2M3IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:23 GMT; Max-Age=864000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:20 GMT; Max-Age=864000; path=/; samesite=lax
admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:20 GMT; Max-Age=864000; path=/; httponly; samesite=lax
local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D; expires=Mon, 28-Mar-2033 09:39:19 GMT; Max-Age=315359999; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Droid+Sans:400,700 | 142.250.74.138 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Droid+Sans:400,700 IP142.250.74.138:0
GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 09:39:20 GMT
date: Fri, 31 Mar 2023 09:39:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| create.leadid.com/2.11.9/Snap?msn=5&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835471 | 3.216.107.174 | 200 OK | 0 B |
URL HTTP/2create.leadid.com/2.11.9/Snap?msn=5&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835471 IP3.216.107.174:0
POST /2.11.9/Snap?msn=5&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835471 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 100949
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:23 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/
rguserid=99a7b2a1-4c35-4f73-ae7d-bf0c3949457b; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/js/criteo_event_call.js | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/js/criteo_event_call.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/criteo_event_call.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Nov 2022 11:10:26 GMT
etag: W/"6368e7a2-d67"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/landing/Auto/aic/css/style.css | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/landing/Auto/aic/css/style.css IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /landing/Auto/aic/css/style.css HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: text/css
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: W/"626f793d-61a3"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/js/common.js | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/js/common.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/common.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 Mar 2023 10:54:56 GMT
etag: W/"6411a400-850"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| create.leadid.com/2.11.9/InitFormData?msn=4&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835470 | 3.216.107.174 | 200 OK | 0 B |
URL HTTP/2create.leadid.com/2.11.9/InitFormData?msn=4&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835470 IP3.216.107.174:0
POST /2.11.9/InitFormData?msn=4&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835470 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1079
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguserid=729e4e2e-caaa-4b34-b085-b2b7e7d69556; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813 | 3.10.87.198 | 200 OK | 0 B |
URL HTTP/2script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813 IP3.10.87.198:0
GET /request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| create.leadid.com/2.11.9/InitFormData?msn=3&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835469 | 3.216.107.174 | 200 OK | 0 B |
URL HTTP/2create.leadid.com/2.11.9/InitFormData?msn=3&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835469 IP3.216.107.174:0
POST /2.11.9/InitFormData?msn=3&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835469 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2099
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguserid=ae620db4-c841-4ff8-9503-c39b81cfb855; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/save-trusted-form-urls | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/save-trusted-form-urls IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /save-trusted-form-urls HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: B6nZjU9ZE8ozedqCGgNX9niz4flscUFsdxwnQz8K
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D; leadid_token-28E26C96-47B1-6572-594C-870A142734FA-E4A414D8-5B2F-FC13-0E46-7F6E7994C38F=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE; jornaya_lead_ids=["2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE"]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjdhMUQydm1DV1g1QVpkNEVsTHY3dkE9PSIsInZhbHVlIjoiWGlIS3lTVDRkZkFkZklRVGQ2aFdtQVJSOEZSaEpUYXRUTkhySk1xMUJMZWJ2WHdhZk9vbUh4UVpHTnBUR0hZRVVvN0phelo5OFBISG8rd2EyN202V3V5aG9FWm53ckkzZC9oTkJyait0RU5ZV3RvRmtFa29iSzNUaFZVcUM3V3QiLCJtYWMiOiIwYzBkOGVlN2ZhYWFlOWJjYzdlM2VlNjg5MWZlOWYyMTY5Y2Y3ZTQzZGI2MzhhMzM3YzNmYzRlMGM2NGYzZjZjIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:24 GMT; Max-Age=864000; path=/; samesite=lax
admin_panel_session=eyJpdiI6Ik5YZy92VnNTamRhMzNKQm5XZ2p4T0E9PSIsInZhbHVlIjoidnJaWkNTelNqbzVGNFNiQzZTa1hGMDV0NXJSTTlEZ0p4ekxDUzllQzRub1lObVA5d2ZIam1tRXArOExaUUk0NGMxQytlSDFwMlNxT0JoVGR3QUMxdjU0cnFqSG1OTk1vSjJFT0JVcVFSWVBXZzBiZ2gvL01ocFU5MmovSXYwT00iLCJtYWMiOiI1NTY0YmY2MDYxMzlkZDMxYmVhYWJjM2JkMjVmYWUxZWQ4YjQ2NDk4NjZhZWZkMWRhZWFhNGMxNzdlNDg1MzIwIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:24 GMT; Max-Age=864000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| autoinsureconnect.com/js/landing.js | 20.69.117.1 | 200 OK | 0 B |
URL HTTP/2autoinsureconnect.com/js/landing.js IP20.69.117.1:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/landing.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 09 Mar 2023 08:03:58 GMT
etag: W/"640992ee-2ae9"
expires: Mon, 25 Mar 2024 09:39:20 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| script.anura.io/response.json | 3.10.87.198 | 200 OK | 0 B |
URL HTTP/2script.anura.io/response.json IP3.10.87.198:0
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 3480
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| script.anura.io/result.json | 3.10.87.198 | 200 OK | 0 B |
URL HTTP/2script.anura.io/result.json IP3.10.87.198:0
POST /result.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 35
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f0754c01-2445-4a56-8c82-804e50453287&_=585835467 | 3.216.107.174 | 200 OK | 0 B |
URL HTTP/2create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f0754c01-2445-4a56-8c82-804e50453287&_=585835467 IP3.216.107.174:0
POST /2.11.9/GenerateToken?msn=1&pid=f0754c01-2445-4a56-8c82-804e50453287&_=585835467 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 329
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:39:22 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguserid=3531698e-e583-408e-b259-288d27e17434; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
|
|