Report - www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b

Report Overview

Submitted URL
www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b
IP
172.67.137.242
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-31 09:39:27
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	54.189.54.42
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	62 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	686 B	1.4 kB	142.250.74.131
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
autoinsureconnect.com	unknown	2019-06-28T06:12:07Z	2023-03-31T20:03:08Z	26 kB	113 kB	20.69.117.1
create.leadid.com	14598	2014-01-22T14:55:11Z	2023-03-31T23:52:00Z	2.9 kB	4.0 kB	3.216.107.174
api.trustedform.com	23021	2012-10-29T06:30:13Z	2023-03-31T23:51:57Z	960 B	1.0 kB	44.214.250.22
script.anura.io	43801	2017-05-19T21:00:19Z	2023-03-31T10:14:33Z	1.4 kB	1.3 kB	3.10.87.198
www.zalkkweet.com	unknown	2022-12-03T21:11:43Z	2023-04-01T07:15:37Z	500 B	1.3 kB	104.21.86.242
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
d2m2wsoho8qq12.cloudfront.net	unknown	2013-05-25T05:15:49Z	2023-03-31T23:52:01Z	668 B	2.0 kB	54.230.245.142
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-31T21:26:20Z	1.8 kB	4.9 kB	54.230.80.227
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	405 B	630 B	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-31 09:39:21	high	Client IP	18.159.105.57	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard Low Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js	86 kB	2023-03-07	2024-04-25
Pretty URL autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:14 Last Seen2024-04-25 12:11:45 Times Seen1090 Hash 48abd2372de119dfd7ffb96c8f307bfe da49460a365d995ef121403cece389dafe496505 04685bdefed2099cae5f544505b8319ee7ae4d0a7f90a93b2e764bde5cad1de6 Loading...

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	409 B	2023-03-14	2024-03-03
Pretty URL autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:36:57 Last Seen2024-03-03 16:12:43 Times Seen207 Hash ec55f25bb8172abf94702d58e0c55453 cdc55d97c0e6a63c7ea84c2571dc13147d890366 a766ffb83335ad968b54cb9a153f9133fb2a74fee4569c74880f8613ca066371 Loading...

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	206 B	2023-03-26	2023-04-05
Pretty URL autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:50:00 Last Seen2023-04-05 01:33:49 Times Seen10 Hash 6ebc51f79e9f5477f24ed887657cd582 2e7933836b0cbb55fb2b8bb6cf11ead254afeb3b 280c2fc930a4c254dddc2830759dbe951b1c7d2ab4bfa80b3c7f450121e4131c Loading...

	create.leadid.com/2.11.9/SaveDeviceId.js?lac=28E26C96-47B1-6572-594C-870A142734FA&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&methods=48&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&uuid=8f2d95317d764816ac39a2d013126c79	0 B	2023-03-07	2024-04-26
Pretty URL create.leadid.com/2.11.9/SaveDeviceId.js?lac=28E26C96-47B1-6572-594C-870A142734FA&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&methods=48&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&uuid=8f2d95317d764816ac39a2d013126c79 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:12:24 Times Seen37088204 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	autoinsureconnect.com/js/validation.js	12 kB	2023-03-11	2023-05-18
Pretty URL autoinsureconnect.com/js/validation.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:32:12 Last Seen2023-05-18 16:12:02 Times Seen18 Hash 06ea030ae2d575e41891bfeda2c67fa0 79f868dedf5af242b82ffa3d29f1e03f1de58630 c99266c9e99b6029ec1bf10c72f8b599caadee3d580d1f1231a75849b244f205 Loading...

	autoinsureconnect.com/js/landing.js	11 kB	2023-03-26	2023-05-18
Pretty URL autoinsureconnect.com/js/landing.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:50:00 Last Seen2023-05-18 16:12:02 Times Seen17 Hash ca8b2bb5e943d864bc27e25e99dfdbf9 acca37dd0c108cf591ea514cb8a0a9df1b46c9d9 fc5adb55f6893a8395902d0188ca06cf3fd70eda1aaf2625675f950dd3cec41d Loading...

	api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16802555610620.3850798534949329	7.5 kB	2023-03-14	2023-05-12
Pretty URL api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16802555610620.3850798534949329 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:55 Times Seen658 Hash 1b4d8abad5e0668a237e388577c6a93c cb8199d9e56f094c63ba8b451239035205422f0f 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA IP 54.230.245.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	cdn.trustedform.com/trustedform-1.8.38.js	104 kB	2023-03-14	2023-05-12
Pretty URL cdn.trustedform.com/trustedform-1.8.38.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:56 Times Seen1009 Hash a71c6d4fa015e7b61cc1fc54ff9b242e a4564cb80c9d7b516360f361cbddbe66b7abb8aa d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e Loading...

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	130 B	2023-03-26	2023-04-05
Pretty URL autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:50:00 Last Seen2023-04-05 01:33:49 Times Seen10 Hash 5748c686a53ccd876985bd22a49e464e 9eea87f1863612b6624059452966bda16685ddb4 4fa0e30a82410586f242ce5c1be1a9afb54d58a517ce4024b68704619fdb3f07 Loading...

	autoinsureconnect.com/js/generic_calls.js	310 B	2023-03-13	2023-05-18
Pretty URL autoinsureconnect.com/js/generic_calls.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:24 Last Seen2023-05-18 16:12:02 Times Seen19 Hash 348b1a0211b3261fdad2d18d2133c251 5b1aa9f7b645815119917e6924abc6d42f7d5f6e 3b81feaf7885d0f1b7ad3ed370d6eecec6edc36b946a80aba83fdb3a4ce0fabc Loading...

	autoinsureconnect.com/js/criteo_event_call.js	3.4 kB	2023-03-11	2023-05-18
Pretty URL autoinsureconnect.com/js/criteo_event_call.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:32:12 Last Seen2023-05-18 16:12:02 Times Seen15 Hash 6abd7dcc436b36da957c5fbfc8df4ab3 eddb5ef97f32cb8eb98a148059dc2169b3a3fd2e 1d8f7961f0862795b0a5054a126ffaad4adcb6bcc86ea4bd5f971ec84532a854 Loading...

	script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813	56 kB	2023-04-01	2023-04-01
Pretty URL script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813 IP 3.10.87.198 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:54:13 Last Seen2023-04-01 10:54:13 Times Seen1 Hash 975e584f2fd69104dd05ec09f2b40068 a1105bda9cf2e0cb03d7cff81e5f25cacb48bb7b 9c5e2ddfcbf770a3635e1972c5774d581cd1bbc2c3cf188b41a0cd53b7061d95 Loading...

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	395 B	2023-04-01	2023-04-01
Pretty URL autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:54:13 Last Seen2023-04-01 10:54:13 Times Seen1 Hash 60b2d9da1cb69465a1e59a3504886934 0e3cb94a159e8636cf95c9f7cf284caabf194b08 96cea9298738e6503e21fbcdb70abbb620143ca55e11d7706c969adb2ac0c2b6 Loading...

	autoinsureconnect.com/js/common.js	2.1 kB	2023-03-26	2023-05-18
Pretty URL autoinsureconnect.com/js/common.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:50:00 Last Seen2023-05-18 16:12:02 Times Seen14 Hash e36589bb794756470a9d764b6074246a c5422c42d4aa4846579a104691246127ff047d94 7c762dbfb7ca2cd55ffb3bfdfb2b2ba95fbf8e279470908a47727de9e94c00a7 Loading...

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	363 B	2023-03-26	2023-05-09
Pretty URL autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:50:00 Last Seen2023-05-09 04:47:10 Times Seen11 Hash a5280deaf7b44ca10c71a2825230bb83 499efc49503959c83628ad2baa07d619ba3b5fc2 156bc860883596228e22bbc13759d218da5d523b6d8cb3104af7b3d1b5ff6fb7 Loading...

	create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2&f=reset	126 kB	2023-03-13	2023-05-18
Pretty URL create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2&f=reset IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:24 Last Seen2023-05-18 16:12:02 Times Seen15 Hash 528ba83e2f53fc499b29c43bd3c47805 1a039000eeb80023996ee0ee8b581b80a6c66ae0 b0a0aabbe776399a85220bf97a3482e59793ee730c348c779a764e51a6252fae Loading...

	deviceid.trueleadid.com/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	2.1 kB	2023-04-01	2023-04-01
Pretty URL autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:54:14 Last Seen2023-04-01 10:54:14 Times Seen1 Hash 28181ca8714902aa7847e53f7287c1af 393e8746cc76f8ab0f3a160ad6f15c6ff61a6d78 2a4d8299b5f5451caa3060caf367aa34534b9389bcce87501d2aa031fcf116ed Loading...

	autoinsureconnect.com/js/form_validation.js	1.6 kB	2023-03-11	2023-05-18
Pretty URL autoinsureconnect.com/js/form_validation.js IP 20.69.117.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:32:12 Last Seen2023-05-18 16:12:02 Times Seen15 Hash 0a4dc920562e8db5b358a08a3caebe13 f79725234f27d5a56fbd11b5b573d9956f5adaef 47149ccce4364ba4495df62176857061e10c78b9f755596c46a922897daf7af1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-25 20:36:21 Times Seen2541 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

HTTP Transactions (47)

	URL	IP	Response	Size
	www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b	104.21.86.242	302 Found	208 B
URL HTTP/1.1 www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b IP 104.21.86.242:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text Size 208 B (208 bytes) Hash 4a801ccdf3cff09d02718033c727d0ac d9c935e0676cd6f2d451ee9d6a6fef04c469f170 ecc49d6d262731ac5205f23036222a44db9483b652e7a3fba4686d0f3cab2671 HTTP Headers `GET /BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&sub2=6425aff2c290522f8004f91b HTTP/1.1 Host: www.zalkkweet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Found Date: Fri, 31 Mar 2023 09:39:16 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive accept-ch: Sec-Ch-Ua-Platform-Version location: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes set-cookie: uniqueClick_GDPPSNP=73d2c008-35c5-41ec-a4d9-d7deb8dffc3b:1680255556; Path=/; Expires=Sun, 30 Apr 2023 09:39:16 GMT; SameSite=None transaction_id=362602c2b6144ae9af4d147dd1eb2196; Path=/; Expires=Thu, 29 Jun 2023 09:39:16 GMT; SameSite=None vary: Origin x-eflow-request-id: 09b5e608-961a-4265-bffc-165a72bf4653 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvfyag7Vjt4oaqbwLSkjIv74tR2seOr5hc4kXUKZbI6I%2BNECHEOVs7Q3xfRqB2GESDn%2BvFXqPvUKXMc5hLBJiQmz20tJeVjfmV6CWyCqbGjrmu2AdCksAgdqUDr4Oa0adCWO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7b079fc9bbabb527-OSL alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 31 Mar 2023 09:28:23 GMT content-type: application/json age: 654 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: lsBpCzHlvoRHmRsqbX57jJhaDz4EovCoJt/TeJTTC+UWEm6dgQJ2ffUGpI9/yFFe6bZfVBzLqHU= x-amz-request-id: 20KBP4WNEE9S6439 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 31 Mar 2023 09:03:17 GMT age: 2160 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 31 Mar 2023 09:39:17 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 31 Mar 2023 09:14:39 GMT age: 1478 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	54.189.54.42	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.189.54.42:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: kPqaiTGb6AFD7vEk2DeBpA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: Udo2cW1Ce4YUxeGUpVACP2qC4Sc=`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11114 bytes) Hash 211d737362f7cbcd8c77cee7d29fa2f5 668d1d80c88082928c6ca01fbf1ccbfcd079f64f 05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11114 x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkypoH5goAMF6Hw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg== via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 08:59:56 GMT age: 18596 etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8745 bytes) Hash ef54a1ed997cc09495edb102ccdf6803 f5637efb37b5eecff77e60e6bcf5f599991f334f fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8745 x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguJ5Hy5oAMFyAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 06:47:32 GMT age: 10307 etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg	34.120.237.76	200 OK	9.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.1 kB (9055 bytes) Hash 1688ae550e5e9181de2448a9cade8a26 a46eb0cd75f46778dc802b648f7c391ce801c700 e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9055 x-amzn-requestid: aad4ce89-7ff3-484a-b644-ecda89a2ff16 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnVW5EPJoAMFfFw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260292-41fb44737ee678bc7c93b7ff;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:43:46 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: aCuRurszjWr-BePwsnPfCqMpfO2GaREtRvvFGiiywmfsuAGFRRK9sQ== via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 08:20:16 GMT age: 4743 etag: "a46eb0cd75f46778dc802b648f7c391ce801c700" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg	34.120.237.76	200 OK	6.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.4 kB (6380 bytes) Hash 8a2b8f737604b7983cf686c82599dc73 aa63be93c4cd641f09ce0d5144ef60aab21caed1 78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6380 x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnUn6E19IAMF9SQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ== via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:47:23 GMT age: 42716 etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9859 bytes) Hash da174e6ccc9451c5071ba10eeb97f6f6 c38827a9ac1218768839877263e1f2984fbdc454 76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9859 x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: COQPtHizoAMF7-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0 x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w== via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 00:11:32 GMT age: 34067 etag: "c38827a9ac1218768839877263e1f2984fbdc454" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10323 bytes) Hash a3b5eaa5d578299f8a506df71865d4d5 99fc13dea248dd6316e4abe545c80ad9df9bc1cd 30baa165074984ba7de6fc42cd1959d63c3f17c8f5b7cfabd68511136ff9e4ac HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10323 x-amzn-requestid: 5851fc9d-f75e-4237-87de-45b881d1d553 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CnUnJEb4IAMFh8A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64260160-2003d3df2d802faa74ca5096;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:40 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 28pB4vd4QIm-Q7aEpaoOVhSU5Tw7HiZfViMfqJ_Jk4Z2KtoDOcaOrg== via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Mar 2023 21:59:58 GMT age: 41961 etag: "99fc13dea248dd6316e4abe545c80ad9df9bc1cd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7117d0725779b203269d6c54c3ccedcf 24f4e806fd15c39484288a88c67117c918ce0829 ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 09:39:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7117d0725779b203269d6c54c3ccedcf 24f4e806fd15c39484288a88c67117c918ce0829 ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 09:39:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	autoinsureconnect.com/css/frontend/custom.css	20.69.117.1	200 OK	413 B
URL HTTP/2 autoinsureconnect.com/css/frontend/custom.css IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text Size 413 B (413 bytes) Hash a24e874f8b5342760d39269287386de1 a0e229b0f8ea4f6d7591435736a1cf36c09fc261 ca1b39184cbe3b7cc53c8de16c49bb3acb80e32127ad2d8a732211b174e4dbd9 HTTP Headers GET /css/frontend/custom.css HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: text/css content-length: 413 last-modified: Tue, 15 Feb 2022 14:29:26 GMT etag: "620bb8c6-19d" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	autoinsureconnect.com/logos/aic.png	20.69.117.1	200 OK	11 kB
URL HTTP/2 autoinsureconnect.com/logos/aic.png IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type PNG image data, 357 x 58, 8-bit/color RGBA, non-interlaced\012- data Size 11 kB (10799 bytes) Hash a1e23a6bdb00c86989e7ccb9eda4499c 495ad4fe6bcac44d36ab2b06d2322450f3dfd910 693acc3b63f9243ae4c93d346f3be0a63f1f46b4b812a12056a25e67a17d7c71 HTTP Headers GET /logos/aic.png HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: image/png content-length: 10799 last-modified: Mon, 02 May 2022 06:25:01 GMT etag: "626f793d-2a2f" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	autoinsureconnect.com/js/generic_calls.js	20.69.117.1	200 OK	310 B
URL HTTP/2 autoinsureconnect.com/js/generic_calls.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text Size 310 B (310 bytes) Hash 348b1a0211b3261fdad2d18d2133c251 5b1aa9f7b645815119917e6924abc6d42f7d5f6e 3b81feaf7885d0f1b7ad3ed370d6eecec6edc36b946a80aba83fdb3a4ce0fabc HTTP Headers GET /js/generic_calls.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 content-length: 310 last-modified: Thu, 08 Dec 2022 11:22:24 GMT etag: "6391c8f0-136" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash ecd05e7682c48a6f2125327c38d3574f 0c13369d1a3875be37469e0a7d2998e16b355464 5f47df4197ef2e6c446ac3a3d54ac19060a41e5bccd6c9111311b71b01241f10 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=93692 Date: Fri, 31 Mar 2023 09:39:21 GMT Etag: "642564cd-1d7" Expires: Sat, 01 Apr 2023 11:40:53 GMT Last-Modified: Thu, 30 Mar 2023 10:30:37 GMT Server: ECAcc (nya/1C5E) X-Cache: Miss from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: pIHpUhrNambbi2QA4SkDblzIzbsdLVa1dnY6k-fJehDm3oXB4P6-pw== Age: 4216

	autoinsureconnect.com/landing/Auto/aic/images/zipcode.png	20.69.117.1	200 OK	1.4 kB
URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/images/zipcode.png IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type PNG image data, 356 x 52, 8-bit/color RGBA, non-interlaced\012- data Size 1.4 kB (1437 bytes) Hash aecc2d731480cacdc280628dbd80a3bc 4e71b149160fa043f7a497a9d74ec54b4e6ddab3 be1bf1d01c105c65ac4ecc85381a0a637fbed24ab321001fcad6342208d45d2e HTTP Headers GET /landing/Auto/aic/images/zipcode.png HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:21 GMT content-type: image/png content-length: 1437 last-modified: Mon, 02 May 2022 06:25:01 GMT etag: "626f793d-59d" expires: Mon, 25 Mar 2024 09:39:21 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	autoinsureconnect.com/landing/Auto/aic/images/btn_n.png	20.69.117.1	200 OK	14 kB
URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/images/btn_n.png IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type PNG image data, 296 x 60, 8-bit/color RGBA, non-interlaced\012- data Size 14 kB (14226 bytes) Hash ef4d3fa6b1d6c570600b9222c7479a4c d52a399c5b9432440e00e99f125baf10eaf97ff2 16d51e3866be2ce1a563ee5fc3169cb353656be83488ab6355a1c140afe14e02 HTTP Headers GET /landing/Auto/aic/images/btn_n.png HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:21 GMT content-type: image/png content-length: 14226 last-modified: Mon, 02 May 2022 06:25:01 GMT etag: "626f793d-3792" expires: Mon, 25 Mar 2024 09:39:21 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	autoinsureconnect.com/js/validation.js	20.69.117.1	200 OK	2.3 kB
URL HTTP/2 autoinsureconnect.com/js/validation.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type data Size 2.3 kB (2252 bytes) Hash a5e741dd403a17281f249bfb33646a06 32ef65d6bfebea30a16f9b61b1bac2eeb85248b3 a318cea68e6377af0b845ff5e9006830ba5ca92c028338de9560dcdff9aac442 HTTP Headers GET /js/validation.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 last-modified: Thu, 13 Jan 2022 09:58:40 GMT etag: W/"61dff7d0-2f7b" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 2861dcb4dcae0f11fed6021eefcb116e 7b303aaf4248c057fdbd5daa03c27052e33fed22 fb61f93ac93296dd47504278c4dfdd053a5c482d5b347d30545ff1bb0df318b6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=167755 Date: Fri, 31 Mar 2023 09:39:21 GMT Etag: "642687f2-1d7" Expires: Sun, 02 Apr 2023 08:15:16 GMT Last-Modified: Fri, 31 Mar 2023 07:12:50 GMT Server: ECAcc (bsa/EAF6) X-Cache: Miss from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ngqGB0DYm5moB1-gPzckCf_CFFz0fix1YK22jFrkvrU610wpQ7VSSw== Age: 3746

	autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js	20.69.117.1	200 OK	30 kB
URL HTTP/2 autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type data Size 30 kB (30054 bytes) Hash 3984a3337294bc20778b1b5d25991585 9369de1a4eb02d689bcf743fe7b62af9dfc63035 5ed486609433f8e4e429e73ca86c17bbda1df83088792f1fc72ef8ce9715b948 HTTP Headers GET /js/frontend/jquery-2.2.3.min.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 last-modified: Fri, 27 Aug 2021 13:58:34 GMT etag: W/"6128ef8a-14e9a" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 8117ff93449b2507eeb4c9881aacd6db afd407b7ab7aa76d374e146a9ba9df7304f0d9ab a416c796986e917ba3d9e9e9b52610a3f57e6d1144bf43e7070d7a88c4046854 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 31 Mar 2023 09:39:21 GMT Last-Modified: Fri, 31 Mar 2023 08:04:00 GMT Server: ECAcc (nya/79F3) X-Cache: Miss from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: V29z_hz2xrEMv0SeNZm0SPM8WnPPq6uVpZEqwnyrsx8B_DsN9wilLQ== Age: 5721`

	autoinsureconnect.com/favicon.ico	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/favicon.ico IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:21 GMT content-type: image/x-icon content-length: 0 last-modified: Mon, 07 Jun 2021 13:18:53 GMT etag: "60be1cbd-0" expires: Mon, 25 Mar 2024 09:39:21 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash b2595847b4b5ca7c8bfc690c5911b584 1e3792813466972917ff6967d0214971f8efce26 b8e168c47e30fd9e1e28301c88d84704a6ea061b3469e7a0f7595cb1124988d7 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=125863 Date: Fri, 31 Mar 2023 09:39:22 GMT Etag: "6425e799-1d7" Expires: Sat, 01 Apr 2023 20:37:05 GMT Last-Modified: Thu, 30 Mar 2023 19:48:41 GMT Server: ECAcc (nya/1C5E) X-Cache: Miss from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: rRZyxrVI_J-Pu15RGoPiofiPe78b7OEZQPAve00SaTE4uGqO55frDA== Age: 2905

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA	54.230.245.142	200 OK	1.4 kB
URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA IP 54.230.245.142:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 1.4 kB (1449 bytes) Hash ef825b8a88a51cd76a51d08dfc1d4f99 5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b 2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1 HTTP Headers GET /iframe.html?token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA HTTP/1.1 Host: d2m2wsoho8qq12.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Content-Encoding: gzip Date: Thu, 30 Mar 2023 23:14:37 GMT ETag: W/"641b3057-dbb" X-Cache: Hit from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: WBu_eBSqsQa6sgVTrL8AJUJ2swWRKT9lqfyV_Th48VSuEp5SmeH-zw== Age: 37485

	api.trustedform.com/certs	44.214.250.22	201 Created	475 B
URL HTTP/2 api.trustedform.com/certs IP 44.214.250.22:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators Size 475 B (475 bytes) Hash 3fde2e9b373dab9f3a5451f6662db136 ca86f21b9df6a87020d403e50bb5bb6e495c74a7 f8e612b611ff79e17d424659ef1b89191a033b8ef5e02e4f1c087e4c3373946a HTTP Headers `POST /certs HTTP/1.1 Host: api.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 682 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 201 Created date: Fri, 31 Mar 2023 09:39:22 GMT content-type: application/json; charset=utf-8 content-length: 475 access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate server: Cowboy X-Firefox-Spdy: h2`

	create.leadid.com/2.11.9/SaveDom?msn=2&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835468	3.216.107.174	200 OK	20 B
URL HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835468 IP 3.216.107.174:0 ASN #14618 AMAZON-AES File type data Size 20 B (20 bytes) Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 HTTP Headers POST /2.11.9/SaveDom?msn=2&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835468 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 512 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:22 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguserid=1b4b454d-bc77-4b18-ab0d-8cbf0f0456d4; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	autoinsureconnect.com/js/form_validation.js	20.69.117.1	200 OK	43 kB
URL HTTP/2 autoinsureconnect.com/js/form_validation.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Unicode text, UTF-8 text, with very long lines (32003) Size 43 kB (43328 bytes) Hash 49f18e17b228c61dfcff4b6ab92c435a 9314e4e59b1b22ecd2d0b5617cb000b2ff2cc48b 44fe7752353295809f29426e0a31baa0c260cea1b71703bddec1a44b089b4baf HTTP Headers GET /js/form_validation.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 last-modified: Tue, 18 Oct 2022 05:18:32 GMT etag: W/"634e3728-63b" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash b4b81648f73d1361e77f09e63be132ce 6319ea2b4175fa96d68bb53e04ed41493a2ab788 679e2e28a9c07e5c04c65dfbc44e1921043f3b5be342e9202e0373f4bb774ff8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 31 Mar 2023 09:39:22 GMT Etag: "6425b7e8-1d7" Last-Modified: Fri, 31 Mar 2023 08:33:17 GMT Server: ECAcc (dcb/7FC0) X-Cache: Miss from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: CruWyUUQYNj0LUf93r6Awoy7bo_zXDBDYdU7EHF9woVwOwgQs49z9Q== Age: 3966`

	api.trustedform.com/certs/728ae70b903e9717540b0a1fadb4d8644847017e/events	44.214.250.22	204 No Content	0 B
URL HTTP/2 api.trustedform.com/certs/728ae70b903e9717540b0a1fadb4d8644847017e/events IP 44.214.250.22:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /certs/728ae70b903e9717540b0a1fadb4d8644847017e/events HTTP/1.1 Host: api.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 222 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 204 No Content date: Fri, 31 Mar 2023 09:39:23 GMT access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate server: Cowboy X-Firefox-Spdy: h2`

	autoinsureconnect.com/update-anura-status	20.69.117.1	204 No Content	0 B
URL HTTP/2 autoinsureconnect.com/update-anura-status IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /update-anura-status HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRF-TOKEN: B6nZjU9ZE8ozedqCGgNX9niz4flscUFsdxwnQz8K X-Requested-With: XMLHttpRequest Content-Length: 16 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 204 No Content date: Fri, 31 Mar 2023 09:39:23 GMT x-powered-by: PHP/7.4.33 cache-control: no-cache, private set-cookie: XSRF-TOKEN=eyJpdiI6IlZOV1crN1lLUkV3ZHo3b3M2Y1NPRFE9PSIsInZhbHVlIjoiMVZ2OGkrMkN0YnpnR3VDU1B0WHNnYm0wQS9DdzlNbGw3Snh1QUtGaWRZYlVoaStlMlYvTS9GVWQ1MnlwdXJXN3Z0S2w1Unc1eU0weEw3NFRWMzRmSHRMQ2E5TVpZUnVmSmhwc21EVXNYTTVjYTFBcE1FbE9XclNoY2doNXR1cGciLCJtYWMiOiJmNWIzYjgyOGI2NDBkNzQ5MzViOTVjOTVkZjdmMDdhM2MwZWY5YjIzNWM1YjBiYjFlMDEyYmZmNTI4ZGVjMjkzIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:23 GMT; Max-Age=864000; path=/; samesite=lax admin_panel_session=eyJpdiI6Im44S2kySmpOZkhQMkJuVFpHSUFzcWc9PSIsInZhbHVlIjoieXhOZ2dDcnlwblJrZmJLb29Oa2xjcjVBaG1mclFRcElMV1h1V1Q3THZ3RmUyZXdnOVR0bnUxS01PaE9jT01MUHREcWFOZzFvd0FrTHgwMXBwSUNnWnVQZ2E1R2NPNS9aaFVmWVM4K3JjSDlhcVB6YkRudlhEOXVaYkdUMVBnZm4iLCJtYWMiOiIyZGY0NDRkOTMwMTQzMzNhNjRlN2NlNjkxYjI2Yzk4MDFiYTRkYmE5NGIyZTY1NzFmMjNmOWE5ZGIyNGVlY2M3IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:23 GMT; Max-Age=864000; path=/; httponly; samesite=lax x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.4.33 cache-control: no-cache, private set-cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:20 GMT; Max-Age=864000; path=/; samesite=lax admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:20 GMT; Max-Age=864000; path=/; httponly; samesite=lax local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D; expires=Mon, 28-Mar-2033 09:39:19 GMT; Max-Age=315359999; path=/; httponly; samesite=lax x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Droid+Sans:400,700	142.250.74.138	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans:400,700 IP 142.250.74.138:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Droid+Sans:400,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 31 Mar 2023 09:39:20 GMT date: Fri, 31 Mar 2023 09:39:20 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	create.leadid.com/2.11.9/Snap?msn=5&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835471	3.216.107.174	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=5&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835471 IP 3.216.107.174:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/Snap?msn=5&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835471 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 100949 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:23 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/ rguserid=99a7b2a1-4c35-4f73-ae7d-bf0c3949457b; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:23 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	autoinsureconnect.com/js/criteo_event_call.js	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/js/criteo_event_call.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /js/criteo_event_call.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 last-modified: Mon, 07 Nov 2022 11:10:26 GMT etag: W/"6368e7a2-d67" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	autoinsureconnect.com/landing/Auto/aic/css/style.css	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/css/style.css IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /landing/Auto/aic/css/style.css HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: text/css last-modified: Mon, 02 May 2022 06:25:01 GMT etag: W/"626f793d-61a3" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	autoinsureconnect.com/js/common.js	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/js/common.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /js/common.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 15 Mar 2023 10:54:56 GMT etag: W/"6411a400-850" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	create.leadid.com/2.11.9/InitFormData?msn=4&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835470	3.216.107.174	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835470 IP 3.216.107.174:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/InitFormData?msn=4&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835470 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 1079 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:22 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguserid=729e4e2e-caaa-4b34-b085-b2b7e7d69556; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813	3.10.87.198	200 OK	0 B
URL HTTP/2 script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813 IP 3.10.87.198:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /request.js?instance=52457339&source=6641ba&campaign=162111&exid=11510698_AIC&callback=anuraResponseHandler&35344626813 HTTP/1.1 Host: script.anura.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:21 GMT content-type: application/javascript; charset=utf-8 server: nginx vary: Accept-Encoding expires: Sun, 28 Dec 1980 18:57:00 EST cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 pragma: no-cache x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	create.leadid.com/2.11.9/InitFormData?msn=3&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835469	3.216.107.174	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835469 IP 3.216.107.174:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/InitFormData?msn=3&pid=f0754c01-2445-4a56-8c82-804e50453287&token=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE&_=585835469 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 2099 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:22 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguserid=ae620db4-c841-4ff8-9503-c39b81cfb855; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	autoinsureconnect.com/save-trusted-form-urls	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/save-trusted-form-urls IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers POST /save-trusted-form-urls HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRF-TOKEN: B6nZjU9ZE8ozedqCGgNX9niz4flscUFsdxwnQz8K X-Requested-With: XMLHttpRequest Content-Length: 99 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D; leadid_token-28E26C96-47B1-6572-594C-870A142734FA-E4A414D8-5B2F-FC13-0E46-7F6E7994C38F=2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE; jornaya_lead_ids=["2EFCDB00-4D3B-21EC-A98B-6037FAFEFFBE"] Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:24 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.4.33 cache-control: no-cache, private set-cookie: XSRF-TOKEN=eyJpdiI6IjdhMUQydm1DV1g1QVpkNEVsTHY3dkE9PSIsInZhbHVlIjoiWGlIS3lTVDRkZkFkZklRVGQ2aFdtQVJSOEZSaEpUYXRUTkhySk1xMUJMZWJ2WHdhZk9vbUh4UVpHTnBUR0hZRVVvN0phelo5OFBISG8rd2EyN202V3V5aG9FWm53ckkzZC9oTkJyait0RU5ZV3RvRmtFa29iSzNUaFZVcUM3V3QiLCJtYWMiOiIwYzBkOGVlN2ZhYWFlOWJjYzdlM2VlNjg5MWZlOWYyMTY5Y2Y3ZTQzZGI2MzhhMzM3YzNmYzRlMGM2NGYzZjZjIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:24 GMT; Max-Age=864000; path=/; samesite=lax admin_panel_session=eyJpdiI6Ik5YZy92VnNTamRhMzNKQm5XZ2p4T0E9PSIsInZhbHVlIjoidnJaWkNTelNqbzVGNFNiQzZTa1hGMDV0NXJSTTlEZ0p4ekxDUzllQzRub1lObVA5d2ZIam1tRXArOExaUUk0NGMxQytlSDFwMlNxT0JoVGR3QUMxdjU0cnFqSG1OTk1vSjJFT0JVcVFSWVBXZzBiZ2gvL01ocFU5MmovSXYwT00iLCJtYWMiOiI1NTY0YmY2MDYxMzlkZDMxYmVhYWJjM2JkMjVmYWUxZWQ4YjQ2NDk4NjZhZWZkMWRhZWFhNGMxNzdlNDg1MzIwIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 09:39:24 GMT; Max-Age=864000; path=/; httponly; samesite=lax x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	autoinsureconnect.com/js/landing.js	20.69.117.1	200 OK	0 B
URL HTTP/2 autoinsureconnect.com/js/landing.js IP 20.69.117.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash HTTP Headers GET /js/landing.js HTTP/1.1 Host: autoinsureconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=362602c2b6144ae9af4d147dd1eb2196&s6=FQRNYSLNQO7MHSMTFHLADWP4A5EQO6SPQW2TWPIDRPAAL2TY&campaignid=7576&prepop=yes Cookie: XSRF-TOKEN=eyJpdiI6InVXZVRPeEVBd3lYU0kyYVczamxkYXc9PSIsInZhbHVlIjoiUVpnZFZBdXk4VjZJZkdTeXlndDU0S1ZKaXh5TktxanJGNVpLL09IdHBmSmdpWmxkc3VUQTVoOCtkL0FRYUtZTEYvb3VoejdXQ3U4aC9XMElwT2FBL0U0Z3NzUHkyNDRFQ3JyTVZFWGlwWjZkRnA2LzRNdk1leGtGdnZ2a1A5eC8iLCJtYWMiOiI5NmFhMGE4YjVkNWQzNjAwNDUwNTNhZGU4YWY1MWI4OThjZDcwYzZiNWM3ZTQ1MDMyNmQwYmM0NjFlNDgxMzM4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6IjJXVTJBelNqYmRtVzk0RWwvY2NialE9PSIsInZhbHVlIjoic01hcy9vNHJYdzNOVktHekRRMW93SDMza0xjcVNkYzMvWG1iWVpLb2h4Vmx2Y3VtVkczdDQvZlc0Ulk1Q0dKUC9OVWZqdEc4Mm1BamliazJiMWIzcDBQREJrbUR3YWlBRVlvYnh1TjhSdFZBZUtFdWh1Z2J6UlM2ekZYajVMWTUiLCJtYWMiOiI2NGIyY2VhMDUyNzViZDRmMTE4NzQwNGQ2YmJhOTAwZGY3NDRlMGQxZTA2ZmZlOGU4YzhmODI2NzQ2MTljNTk2IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IjU0TS9oTkhxbFdzZ3BLTm1tS2g0Tmc9PSIsInZhbHVlIjoiSXdmYlNDRkhwUHQycVhOcjFWdXNBb094RjhTODlmY2RvMGhyVGRQVzNCaVZuakF1aE9pc0FZQ09xSFlTc1FabUpOcVNiTmQxNEhBT0IwSW92ZUR0TE1sRUVsMzJQOC9vMnB4Z1RxaFRPQUdKVnhqdmVoWHRwNEpzNTZXc3hBYkhqMkdmWEpIKzVvelhEL0dZcUN5ejlnPT0iLCJtYWMiOiIzZDYzYjZhNDEyODQ4NDBjZmIzZmFhNmRkMzUyYTA5MTA5YTlmNGNlODU0MDFmNTE2NjUxN2JiMjA4NGE0M2E5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:20 GMT content-type: application/javascript; charset=utf-8 last-modified: Thu, 09 Mar 2023 08:03:58 GMT etag: W/"640992ee-2ae9" expires: Mon, 25 Mar 2024 09:39:20 GMT cache-control: max-age=31104000 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	script.anura.io/response.json	3.10.87.198	200 OK	0 B
URL HTTP/2 script.anura.io/response.json IP 3.10.87.198:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `POST /response.json HTTP/1.1 Host: script.anura.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 3480 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:22 GMT content-type: application/json; charset=utf-8 server: nginx vary: Accept-Encoding access-control-allow-origin: * access-control-allow-methods: POST expires: Sun, 28 Dec 1980 18:57:00 EST cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 pragma: no-cache x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	script.anura.io/result.json	3.10.87.198	200 OK	0 B
URL HTTP/2 script.anura.io/result.json IP 3.10.87.198:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `POST /result.json HTTP/1.1 Host: script.anura.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 35 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:22 GMT content-type: application/json; charset=utf-8 server: nginx vary: Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST expires: Sun, 28 Dec 1980 18:57:00 EST cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 pragma: no-cache x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f0754c01-2445-4a56-8c82-804e50453287&_=585835467	3.216.107.174	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f0754c01-2445-4a56-8c82-804e50453287&_=585835467 IP 3.216.107.174:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/GenerateToken?msn=1&pid=f0754c01-2445-4a56-8c82-804e50453287&_=585835467 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 329 Origin: https://autoinsureconnect.com Connection: keep-alive Referer: https://autoinsureconnect.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Fri, 31 Mar 2023 09:39:22 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguserid=3531698e-e583-408e-b259-288d27e17434; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 30-Apr-2023 09:39:22 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML