r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6816
Expires: Fri, 31 Mar 2023 11:59:27 GMT
Date: Fri, 31 Mar 2023 10:05:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b93010cbf31ba3ec785b4088e5d0f529
c0f1ab8a2aae3c445a8f24959a4eea433a345caf
2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9817
Expires: Fri, 31 Mar 2023 12:49:28 GMT
Date: Fri, 31 Mar 2023 10:05:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 09:28:23 GMT
content-type: application/json
age: 2248
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&sub2=6425aff2c290522f8004f91b
172.67.137.242302 Found 208 B URL HTTP/1.1 www.zalkkweet.com/BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&sub2=6425aff2c290522f8004f91b
IP 172.67.137.242:0
File type HTML document, ASCII text
Hash d4cb70f16312b6fbb2348094dd72be65
4160cd4ac9e8ff505a2ba2c29271179618020412
95f8475c22ac278516510007c2fbc706d45bf423bce708bbfe1e92598d79353b
GET /BCSQZXDD/GDPPSNP/?__efq=_ZsCjkrogIklm3uNmmqknDMBlsK_86epyMJeuoVd-ME&sub1=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&sub2=6425aff2c290522f8004f91b HTTP/1.1
Host: www.zalkkweet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 10:05:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
accept-ch: Sec-Ch-Ua-Platform-Version
location: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
set-cookie: uniqueClick_GDPPSNP=a5b0d0d6-d9cd-4cff-beb4-5f7abbf04bc0:1680257151; Path=/; Expires=Sun, 30 Apr 2023 10:05:51 GMT; SameSite=None
transaction_id=76fa9ead35644ecaaceaba324d485ee1; Path=/; Expires=Thu, 29 Jun 2023 10:05:51 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 74188e2f-94b7-4b11-b514-d883cdd66457
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZkz1nB0%2FnsRqAb1aHW%2BkAUQdHJsuUkqs6e4M6W2hujv2DXRRifeZW45ro%2F0ALNoDWaJnZBdboPjjQoKcgG6PxC4WELd8Wx9HHWXcuqUkfS9zfMvU5HHWT%2FpSPrG5JaeNy%2FfDg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b07c6ba9cb3b51e-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16846
Expires: Fri, 31 Mar 2023 14:46:37 GMT
Date: Fri, 31 Mar 2023 10:05:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wj1UVVJkDYjSzxYMPfUXMfLtqO4gl2L/eLV0nZax6h0WB8+u36GXu782LcPQ/0WtD0XgoDf3sCZCaXw+rq8iJA==
x-amz-request-id: F081M8EMMTVXPEV8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 09:12:07 GMT
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
age: 3224
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 10:05:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 09:17:26 GMT
age: 2905
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b3df8c73360b4239af64e11f9d2388be
dc5463ff26615b40e4eab388052790d6c30ea5e6
877b23d16abf2e0e9f649f53747e82af0b75e8595abd71728254e612847cfdb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "877B23D16ABF2E0E9F649F53747E82AF0B75E8595ABD71728254E612847CFDB6"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6345
Expires: Fri, 31 Mar 2023 11:51:37 GMT
Date: Fri, 31 Mar 2023 10:05:52 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0fa8ec33a07fcc1fc36bca228ebb60e
20e8e726329cf6267854459f77ccce0fce1dd8e8
e50e759c264a2567e4e2a7bab398ff7d668d008ed0d674c848c76aafc1ad7ced
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E50E759C264A2567E4E2A7BAB398FF7D668D008ED0D674C848C76AAFC1AD7CED"
Last-Modified: Thu, 30 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Fri, 31 Mar 2023 16:05:26 GMT
Date: Fri, 31 Mar 2023 10:05:52 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.127.63101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.127.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VfIypSObkKov6Wbricx2aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xh24Oaocfu8Key7D07jIku7R6BE=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9275
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 10:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9275
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 10:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9275
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 10:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9275
Expires: Fri, 31 Mar 2023 12:40:28 GMT
Date: Fri, 31 Mar 2023 10:05:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 44310
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:47:32 GMT
age: 11901
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:59:56 GMT
age: 18596
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 00:11:32 GMT
age: 35661
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: aad4ce89-7ff3-484a-b644-ecda89a2ff16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVW5EPJoAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260292-41fb44737ee678bc7c93b7ff;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:43:46 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: aCuRurszjWr-BePwsnPfCqMpfO2GaREtRvvFGiiywmfsuAGFRRK9sQ==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:20:16 GMT
age: 6337
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3b5eaa5d578299f8a506df71865d4d5
99fc13dea248dd6316e4abe545c80ad9df9bc1cd
30baa165074984ba7de6fc42cd1959d63c3f17c8f5b7cfabd68511136ff9e4ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10323
x-amzn-requestid: 5851fc9d-f75e-4237-87de-45b881d1d553
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnJEb4IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260160-2003d3df2d802faa74ca5096;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 28pB4vd4QIm-Q7aEpaoOVhSU5Tw7HiZfViMfqJ_Jk4Z2KtoDOcaOrg==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:59:58 GMT
age: 43555
etag: "99fc13dea248dd6316e4abe545c80ad9df9bc1cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 10:05:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 10:05:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autoinsureconnect.com/css/frontend/custom.css
20.69.117.1200 OK 413 B URL HTTP/2 autoinsureconnect.com/css/frontend/custom.css
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash a24e874f8b5342760d39269287386de1
a0e229b0f8ea4f6d7591435736a1cf36c09fc261
ca1b39184cbe3b7cc53c8de16c49bb3acb80e32127ad2d8a732211b174e4dbd9
GET /css/frontend/custom.css HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: text/css
content-length: 413
last-modified: Tue, 15 Feb 2022 14:29:26 GMT
etag: "620bb8c6-19d"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/logos/aic.png
20.69.117.1200 OK 11 kB URL HTTP/2 autoinsureconnect.com/logos/aic.png
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 357 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash a1e23a6bdb00c86989e7ccb9eda4499c
495ad4fe6bcac44d36ab2b06d2322450f3dfd910
693acc3b63f9243ae4c93d346f3be0a63f1f46b4b812a12056a25e67a17d7c71
GET /logos/aic.png HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: image/png
content-length: 10799
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: "626f793d-2a2f"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ecd05e7682c48a6f2125327c38d3574f
0c13369d1a3875be37469e0a7d2998e16b355464
5f47df4197ef2e6c446ac3a3d54ac19060a41e5bccd6c9111311b71b01241f10
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90834
Date: Fri, 31 Mar 2023 10:05:55 GMT
Etag: "642564cd-1d7"
Expires: Sat, 01 Apr 2023 11:19:49 GMT
Last-Modified: Thu, 30 Mar 2023 10:30:37 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hqlUE03CEp2CRoXlqEdyVoc3BPWNjOhNtSc037vEEEkL4u6Afbck-Q==
Age: 2952
autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
20.69.117.1200 OK 3.5 kB URL HTTP/2 autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 138f5a7d0aec41ce2f7a351d0596091a
5b821344f061fcc43c8f563d11988b60ac0e58c7
5de50d332c6c36a225626caeb0bc6817965a50d9b7e5e6022f2eee836d134f92
GET /?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 10:05:54 GMT; Max-Age=863999; path=/; samesite=lax
admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 10:05:54 GMT; Max-Age=863999; path=/; httponly; samesite=lax
local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D; expires=Mon, 28-Mar-2033 10:05:53 GMT; Max-Age=315359998; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/landing/Auto/aic/images/zipcode.png
20.69.117.1200 OK 1.4 kB URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/images/zipcode.png
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 356 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash aecc2d731480cacdc280628dbd80a3bc
4e71b149160fa043f7a497a9d74ec54b4e6ddab3
be1bf1d01c105c65ac4ecc85381a0a637fbed24ab321001fcad6342208d45d2e
GET /landing/Auto/aic/images/zipcode.png HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: image/png
content-length: 1437
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: "626f793d-59d"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/landing/Auto/aic/images/btn_n.png
20.69.117.1200 OK 14 kB URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/images/btn_n.png
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 296 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ef4d3fa6b1d6c570600b9222c7479a4c
d52a399c5b9432440e00e99f125baf10eaf97ff2
16d51e3866be2ce1a563ee5fc3169cb353656be83488ab6355a1c140afe14e02
GET /landing/Auto/aic/images/btn_n.png HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: image/png
content-length: 14226
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: "626f793d-3792"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 2861dcb4dcae0f11fed6021eefcb116e
7b303aaf4248c057fdbd5daa03c27052e33fed22
fb61f93ac93296dd47504278c4dfdd053a5c482d5b347d30545ff1bb0df318b6
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167755
Date: Fri, 31 Mar 2023 10:05:56 GMT
Etag: "642687f2-1d7"
Expires: Sun, 02 Apr 2023 08:41:51 GMT
Last-Modified: Fri, 31 Mar 2023 07:12:50 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zH-PJYttAUW439EvKCS2NOgq_R_RlU_QtV1Lb-bJq_7t-INsl2_itw==
Age: 5341
autoinsureconnect.com/landing/Auto/aic/images/banner-bg.jpg
20.69.117.1404 Not Found 153 B URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/images/banner-bg.jpg
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a53e183b2c571a68b246ad570b76da19
7eac95d26ba1e92a3b4d6fd47ee057f00274ac13
29574dc19a017adc4a026deb6d9a90708110eafe9a6acdc6496317382f9a4dc7
GET /landing/Auto/aic/images/banner-bg.jpg HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/landing/Auto/aic/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 31 Mar 2023 10:05:56 GMT
content-type: text/html; charset=utf-8
content-length: 153
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11511050_AIC&callback=anuraResponseHandler&107300868941
3.10.87.198200 OK 20 kB URL HTTP/2 script.anura.io/request.js?instance=52457339&source=6641ba&campaign=162111&exid=11511050_AIC&callback=anuraResponseHandler&107300868941
IP 3.10.87.198:0
Hash ea0f3acd3b799f98a2bd4980d3e91a67
01aa2c2be866f608d69b4dd91eb6061388cd33fd
6f1d171a9fbafb5cb70aca413e8a6a372fa609c93ea2d46c2b7894d5887c00e9
GET /request.js?instance=52457339&source=6641ba&campaign=162111&exid=11511050_AIC&callback=anuraResponseHandler&107300868941 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 8117ff93449b2507eeb4c9881aacd6db
afd407b7ab7aa76d374e146a9ba9df7304f0d9ab
a416c796986e917ba3d9e9e9b52610a3f57e6d1144bf43e7070d7a88c4046854
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 10:05:56 GMT
Etag: "6425acb9-1d7"
Last-Modified: Fri, 31 Mar 2023 08:52:14 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pNRas8rJnHzh9nd6ukWL7336BZ5QqGn-6gGT3aTUxRvlAf32-iwh6A==
Age: 4422
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b2595847b4b5ca7c8bfc690c5911b584
1e3792813466972917ff6967d0214971f8efce26
b8e168c47e30fd9e1e28301c88d84704a6ea061b3469e7a0f7595cb1124988d7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126495
Date: Fri, 31 Mar 2023 10:05:56 GMT
Etag: "6425e799-1d7"
Expires: Sat, 01 Apr 2023 21:14:11 GMT
Last-Modified: Thu, 30 Mar 2023 19:48:41 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _KMHdREnVtaKmn2vwvGMTzMnkAM2YyFoqMgAk7kLxfzW48dJU25npA==
Age: 5130
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
54.230.245.38200 OK 1.4 kB URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
IP 54.230.245.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1
GET /iframe.html?token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 23:14:37 GMT
ETag: W/"641b3057-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hgw1l91rE3SZc1bASPakH154xUGveoWXJyIBHOTEBfXn67llGlekVQ==
Age: 39079
cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16802571554890.2314043891563229
54.230.111.103200 OK 3.5 kB URL HTTP/2 cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16802571554890.2314043891563229
IP 54.230.111.103:0
Hash 5757dc3cec0ad2411360ca76b5af7609
e1f61f3a3f729637a62617d77aaf8e6ad1a5b6c8
6405487103289bbf35f8763f39a8cf9cad0e342903db3bdfc4b7c13762594f0e
GET /bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16802571554890.2314043891563229 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://autoinsureconnect.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 31 Mar 2023 10:05:57 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -lMRpDcMYW-dVsm4QMVxmMeDOkD9OwbXkaLLumLXNm170m2nT_Wzxw==
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.38.js
54.230.111.103200 OK 38 kB URL HTTP/2 cdn.trustedform.com/trustedform-1.8.38.js
IP 54.230.111.103:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7eb95f6f84ff86ad6c7513782d1a9f13
8184f06fd098110d60b54960bd3688c83bd5c384
0b220f6b6f0035ad6aba7ec255f0abbc52a1b96609f257e4184b7ecf462918cd
GET /trustedform-1.8.38.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
server: AmazonS3
content-encoding: gzip
date: Fri, 31 Mar 2023 10:05:57 GMT
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QcxyaH1hd4rVjWPJDltoFbK1ZFibxqMC43HnDRUlSlXnBCpolooWkw==
age: 6
X-Firefox-Spdy: h2
api.trustedform.com/certs/b7e280d7ba41b44e3d5f51aa18ee2d379104a593/fingerprints
34.233.40.216204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/b7e280d7ba41b44e3d5f51aa18ee2d379104a593/fingerprints
IP 34.233.40.216:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/b7e280d7ba41b44e3d5f51aa18ee2d379104a593/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 176
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 10:05:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b4b81648f73d1361e77f09e63be132ce
6319ea2b4175fa96d68bb53e04ed41493a2ab788
679e2e28a9c07e5c04c65dfbc44e1921043f3b5be342e9202e0373f4bb774ff8
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 10:05:57 GMT
Last-Modified: Fri, 31 Mar 2023 08:31:11 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iWD8u8UAKrzsSE5DSjsCphOxoB4_woUvSwa1CS2jzfd_miV8snMrog==
Age: 5686
script.anura.io/response.json
3.10.87.198200 OK 102 B URL HTTP/2 script.anura.io/response.json
IP 3.10.87.198:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 05aeba40a90ce780a74d3850ab27db3c
4d55613edb6a8bc35a666f9e31b9d293ba05e704
15f12a3df74f276bf42dbdc3ebc7761874267d1b3791901d9ce0ad3450c66826
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 3466
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:56 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
autoinsureconnect.com/js/form_validation.js
20.69.117.1200 OK 2.3 kB URL HTTP/2 autoinsureconnect.com/js/form_validation.js
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4108)
Hash 5a9d81aa54689703417ff69dafe30404
10de58cec1ca0b1028443b5e4d410b7aa84409cd
07e777114c266236507ee5e49bf8aa5c8d4fb11fa1ba3764da76b3cae6f6eca4
GET /js/form_validation.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 18 Oct 2022 05:18:32 GMT
etag: W/"634e3728-63b"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=4&pid=d437fdaa-ab0e-41a4-a030-0f0407c59018&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&_=692144109
34.233.231.247200 OK 20 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=4&pid=d437fdaa-ab0e-41a4-a030-0f0407c59018&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&_=692144109
IP 34.233.231.247:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /2.11.9/Snap?msn=4&pid=d437fdaa-ab0e-41a4-a030-0f0407c59018&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&_=692144109 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 100950
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:57 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rguserid=d9305252-265c-41c8-9025-222612c255e1; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
ads.anura.io/showads.js?525064920765
54.230.111.27200 OK 0 B URL HTTP/2 ads.anura.io/showads.js?525064920765
IP 54.230.111.27:0
GET /showads.js?525064920765 HTTP/1.1
Host: ads.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 30 Mar 2023 18:50:42 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YyxuYlvLfsh8LY3JYgRARwLPY9PxbiUJdUojQx9WqwJjuGuGPYbTXA==
age: 54913
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=28E26C96-47B1-6572-594C-870A142734FA&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&methods=48&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&uuid=c3e4a7ffb7b64d7887ee7047b02cdf4f
34.233.231.247200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=28E26C96-47B1-6572-594C-870A142734FA&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&methods=48&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&uuid=c3e4a7ffb7b64d7887ee7047b02cdf4f
IP 34.233.231.247:0
GET /2.11.9/SaveDeviceId.js?lac=28E26C96-47B1-6572-594C-870A142734FA&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&methods=48&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&uuid=c3e4a7ffb7b64d7887ee7047b02cdf4f HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:57 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rguserid=8c964b64-cfd3-4d9f-b912-b7eacc970f20; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
autoinsureconnect.com/landing/Auto/aic/css/style.css
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/landing/Auto/aic/css/style.css
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /landing/Auto/aic/css/style.css HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: text/css
last-modified: Mon, 02 May 2022 06:25:01 GMT
etag: W/"626f793d-61a3"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/js/criteo_event_call.js
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/js/criteo_event_call.js
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/criteo_event_call.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Nov 2022 11:10:26 GMT
etag: W/"6368e7a2-d67"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/js/frontend/jquery-2.2.3.min.js
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/frontend/jquery-2.2.3.min.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Aug 2021 13:58:34 GMT
etag: W/"6128ef8a-14e9a"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Droid+Sans:400,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans:400,700
IP 142.250.74.74:0
GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 10:05:55 GMT
date: Fri, 31 Mar 2023 10:05:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
autoinsureconnect.com/js/common.js
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/js/common.js
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/common.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 Mar 2023 10:54:56 GMT
etag: W/"6411a400-850"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/save-trusted-form-urls
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/save-trusted-form-urls
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /save-trusted-form-urls HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: bisTCRlX814cYe5rq4nc9G68PByToTphQMlfrXYk
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D; leadid_token-28E26C96-47B1-6572-594C-870A142734FA-E4A414D8-5B2F-FC13-0E46-7F6E7994C38F=DEA292BF-5FB4-1B09-3E20-FE6392101B16; jornaya_lead_ids=["DEA292BF-5FB4-1B09-3E20-FE6392101B16"]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InpLR0tkaEZRTDVYTzZ1RlNjZDNOV0E9PSIsInZhbHVlIjoiaGJlQlJ3dGlxejNwc3dzaWkrR3RFRk9Jb2V4RG5ZNEo1c0VINm1GUURBYmpHZitCWEFESlBSWmQxYXBUMWM3YVAyNXR3M21tNi9PR3hlUTlNYkxOblh5SUZnRm1lS0NHV1BSZ0xEWmgzVkVPY2dIOE5RY01UMEZpbERNM000L1MiLCJtYWMiOiJiYTFlMzFkZWNjMzA4YTFmOGQ5YTAxYjYxMWFiZmY0MmQyYzc5NjhiOTRhMjNkMjU0ZjNlZTJhY2EzNTM1MGMwIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 10:05:58 GMT; Max-Age=864000; path=/; samesite=lax
admin_panel_session=eyJpdiI6Ikg0VlJxQTJROW13Y1o3WURCRkRkNmc9PSIsInZhbHVlIjoiWkpVOGxWQ2NvUkltSUMrMjZYWi9MTHIxMDd6azlORGNsZWF5STF5a2puREpqdFBqSW44VFV4VFRmLzBIMS93eEhHYWR2VkV3N0xYRXpRaEVzeVdGeU0yRG5MMGVtaE01ZlNSaHQrNXNYODYrUXIvemR5bnl1bG1NbDZrTlBHWWUiLCJtYWMiOiI1NjA0NWRkNzVkMzE0NGNkODMwNzExZjZkZWU4ZDAyOWY1ZWRiZjhlZGU1ZDE4YjVkZjNmNTFjZDMyYTc3OGYxIiwidGFnIjoiIn0%3D; expires=Mon, 10-Apr-2023 10:05:58 GMT; Max-Age=864000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
autoinsureconnect.com/js/validation.js
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/js/validation.js
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/validation.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 13 Jan 2022 09:58:40 GMT
etag: W/"61dff7d0-2f7b"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=d437fdaa-ab0e-41a4-a030-0f0407c59018&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&_=692144110
34.233.231.247200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=5&pid=d437fdaa-ab0e-41a4-a030-0f0407c59018&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&_=692144110
IP 34.233.231.247:0
POST /2.11.9/InitFormData?msn=5&pid=d437fdaa-ab0e-41a4-a030-0f0407c59018&token=DEA292BF-5FB4-1B09-3E20-FE6392101B16&_=692144110 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1079
Origin: https://autoinsureconnect.com
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:57 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rguserid=01ecbc83-2086-41c5-bdf1-bc6a4a6e302b; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 10:05:57 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
autoinsureconnect.com/js/landing.js
20.69.117.1200 OK 0 B URL HTTP/2 autoinsureconnect.com/js/landing.js
IP 20.69.117.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/landing.js HTTP/1.1
Host: autoinsureconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/?id=6641ba&s4=162111&s11=76fa9ead35644ecaaceaba324d485ee1&s6=FJA52X5IXPX3HJGLJKD2RGVLQYWONQVFUWWOT5MXU2RAHIQB&campaignid=7576&prepop=yes
Cookie: XSRF-TOKEN=eyJpdiI6IjliZllwTTRJcDREa0VaS21CcXIra3c9PSIsInZhbHVlIjoiK0JURGhiMFhBZ0RqVnVPLzgzSDMxRzI4cVIvK0FkTTJseXJKVXdnNjhYaWhyODFUaVFwSFNSWVVzRWdDYTNtVFU3UCtFTXRINnc4NU84bHEweHFRWmVKV0Vxa24vcDBMbnJYVjNvUW4yS1Z4VVNGQ0tpcG80OTB4U1ZwSm14d0kiLCJtYWMiOiIxOGI5N2QxY2VkMTRlZjkyZGZjMjljN2Y4ZWUwNjdhODUyZjE4YjhhYThhZGYxZWIzMDZmYjU1NDczOTk2YjI4IiwidGFnIjoiIn0%3D; admin_panel_session=eyJpdiI6InoxMXlXS21wV0RYd1pmOEhOOGdBZ1E9PSIsInZhbHVlIjoiOVdtd2tSNGt0Ui9GUXNQV1pLV3hGcVVuZ3k2Mk1RWnljQnJJWHgzK2ViU2psVkNndVp5SENRekE1VnBMRnJuWWh4K0w4cHhnVS9DcWVRdlZ0RmUxQi9kYW9JM1F0dWNjLzhVY1RPTFVyK3VrSlBRNEEvQ29HN0hHdWVYTUVvWFMiLCJtYWMiOiI3OWQxY2QwYTUwNmFiMjFhNGMyNTcyYjc2OGQyMjI3ODY5MTBkZWM1Y2ZhNWE3NDNhMDEwZjA0ZGU3MTQ1NzA1IiwidGFnIjoiIn0%3D; local_transaction_ids=eyJpdiI6IktKVDZqQjRQTjY4YmNmV0VJZ05pL1E9PSIsInZhbHVlIjoiTHVXSit3K1dTKzlCdGlaMkZaMzA3U2MxcVdPSlM4bEJMS2xBcU85eXdyU2FEYmYzaUtudmNSUmxvVmh6ZnQzcmFUejRjWm0xMUVmaDl3QTBOdWdzM1NYTi9sQjlSMmRhU2ZKeHBQZURscnhpVWZ5UWZaMjhrWU02L1FDa0cxN3kvcWt1aUZTMGx3dnA1RGd3MTZMUW9BPT0iLCJtYWMiOiIyOGE1YmJkYTk1YTJjMmIyOGQyNzlhNWIwMjg0ZmFkYTRhODEzYmRjMzRkZThjZmVkNTRmYmUyNzBiZmE2OWYzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 09 Mar 2023 08:03:58 GMT
etag: W/"640992ee-2ae9"
expires: Mon, 25 Mar 2024 10:05:55 GMT
cache-control: max-age=31104000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2&f=reset
104.22.39.182200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2&f=reset
IP 104.22.39.182:0
GET /campaign/e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js?snippet_version=2&f=reset HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autoinsureconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 10:05:56 GMT
content-type: text/javascript
x-amz-id-2: eL+vMHHrL+EwZfsu6avfbQGbvuwOHtMH8gLhdF2aX5enRDXbqGz8Ppl9rncoQA3EwmZ90ut3x4Q=
x-amz-request-id: WRGPC3KPBXP75W6C
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:26:59 GMT
etag: W/"528ba83e2f53fc499b29c43bd3c47805"
cache-control: max-age=1800
x-amz-version-id: FkuwImpCc8hI5QllpZn.ifk3kxTwQbIS
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07c6d7ff1398f6-ARN
content-encoding: gzip
X-Firefox-Spdy: h2