URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Submission: On November 20 via api from RU — Scanned from CA

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 79 HTTP transactions. The main IP is 192.185.92.35, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is aar-insurance.ug.
TLS certificate: Issued by R11 on November 19th 2024. Valid for: 3 months.
This is the only time aar-insurance.ug was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 192.185.92.35 19871 (NETWORK-S...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
7 2a02:6ea0:c40... 60068 (CDN77 Dat...)
17 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:1f14:5db... 16509 (AMAZON-02)
2 172.66.0.145 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 162.159.140.147 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
79 12
Apex Domain
Subdomains
Transfer
31 aar-insurance.ug
aar-insurance.ug
313 KB
17 rms.cx
rms.cx
97 KB
9 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3208
api.userway.org — Cisco Umbrella Rank: 3180
65 KB
9 gstatic.com
fonts.gstatic.com
46 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
4 freshchat.com
aarinsurance-ug.freshchat.com
24 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
16 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370
7 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
79 9
Domain Requested by
31 aar-insurance.ug aar-insurance.ug
rms.cx
17 rms.cx aar-insurance.ug
rms.cx
9 fonts.gstatic.com fonts.googleapis.com
7 cdn.userway.org aar-insurance.ug
cdn.userway.org
5 fonts.googleapis.com aar-insurance.ug
rms.cx
4 aarinsurance-ug.freshchat.com aar-insurance.ug
aarinsurance-ug.freshchat.com
2 api.userway.org cdn.userway.org
1 cdnjs.cloudflare.com rms.cx
1 stackpath.bootstrapcdn.com rms.cx
1 www.google.com aar-insurance.ug
79 10
Subject Issuer Validity Valid
*.aar-insurance.ug
R11
2024-11-19 -
2025-02-17
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
1667503734.rsc.cdn77.org
E6
2024-09-25 -
2024-12-24
3 months crt.sh
rms.cx
WE1
2024-10-04 -
2025-01-02
3 months crt.sh
api.userway.org
Amazon RSA 2048 M02
2024-08-02 -
2025-08-31
a year crt.sh
freshchat.com
WE1
2024-10-15 -
2025-01-13
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh

This page contains 4 frames:

Primary Page: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Frame ID: 2A6E1BB8150B2C37507E11EF1CDE3672
Requests: 74 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=AAR%20Head%20Office&zoom=16
Frame ID: B09CA1E2BBA259016B8B2C7C727A2065
Requests: 1 HTTP requests in this frame

Frame: https://aarinsurance-ug.freshchat.com/widget/config_iframe.html?host=https://aarinsurance-ug.freshchat.com&token=4f844a80-3329-4de1-94de-c938831bce3c&origin=https://aar-insurance.ug
Frame ID: F0579E4E7C671CFF0BF7CCD62F5637F6
Requests: 1 HTTP requests in this frame

Frame: https://aarinsurance-ug.freshchat.com/widget/?token=4f844a80-3329-4de1-94de-c938831bce3c&referrer=aHR0cHM6Ly9hYXItaW5zdXJhbmNlLnVn&eagerLoad=true
Frame ID: 04BA82D331AEFBE0D894959F86AB6E0F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Page not found - AAR Insurance Uganda

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

99 %
HTTPS

73 %
IPv6

9
Domains

10
Subdomains

12
IPs

2
Countries

570 kB
Transfer

2052 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request laodtaiueiaedpseenmr
aar-insurance.ug/oqu/
307 KB
69 KB
Document
General
Full URL
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
f7571c6ad41ea6369adc240d29a225b3a6b683b753926fd0f613800917a98657

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 10:43:17 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://aar-insurance.ug/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Accept-Encoding
tcb-base-css-19-1721111255.css
aar-insurance.ug/wp-content/uploads/thrive/
17 KB
5 KB
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/uploads/thrive/tcb-base-css-19-1721111255.css
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
4814
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Tue, 16 Jul 2024 06:27:35 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.min.css
aar-insurance.ug/wp-includes/css/dist/block-library/
112 KB
21 KB
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-includes/css/dist/block-library/style.min.css?ver=6.7
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Tue, 12 Nov 2024 23:00:04 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.css
aar-insurance.ug/wp-content/themes/thrive-theme/
18 KB
5 KB
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/style.css?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
d0637681fdc0e8a5efebb994dfb20709aeb7894554cbf31493f86a06721f15c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5259
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:44:51 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
jquery.min.js
aar-insurance.ug/wp-includes/js/jquery/
86 KB
37 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
jquery-migrate.min.js
aar-insurance.ug/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5422
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
imagesloaded.min.js
aar-insurance.ug/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
2112
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
masonry.min.js
aar-insurance.ug/wp-includes/js/
24 KB
9 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
9216
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
jquery.masonry.min.js
aar-insurance.ug/wp-includes/js/jquery/
2 KB
756 B
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
724
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
general.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
70 KB
29 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
frontend.min.js
aar-insurance.ug/wp-content/themes/thrive-theme/inc/assets/dist/
29 KB
11 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
11429
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:44:51 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
css
fonts.googleapis.com/
3 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f126c9c23e36efd1d39996a79913ae93dda6d30a7bc108ac58060bedfbcefdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:43:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 10:43:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
12 KB
724 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,500,300,700,800,200,900,400i,500i&subset=latin&display=swap
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2358d1f0d1331ff382cb07d841ed2b03ce1e09e5e0b8a4f4c4fbea872ce4361d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:43:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 10:43:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
02dd011d-2f97-4a3e-9dda-06067cdacec3
https://aar-insurance.ug/ Frame
0
0

place
www.google.com/maps/embed/v1/ Frame B09C
0
0
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=AAR%20Head%20Office&zoom=16
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-3sTYwRKmfpgheTYnaMwVIA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aar-insurance.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1406
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-3sTYwRKmfpgheTYnaMwVIA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 10:43:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
54 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
55254
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
individualCalculator.js
aar-insurance.ug/customJs/
17 KB
3 KB
Script
General
Full URL
https://aar-insurance.ug/customJs/individualCalculator.js?v=0.2
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
ee1b3b50e58e125a0976100562d05d02e371b3b0ce8f3cddae3e51fdbba12920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
3111
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 13:26:21 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
frontend.min.js
aar-insurance.ug/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/
2 KB
1 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
1021
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:44:52 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
search-form.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
10 KB
3 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=10.3&ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
27755bd63ec28b85ea92db1879e49759b6b6b80682506ff3233ab8e896a34f66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
3304
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
menu.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
15 KB
6 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=10.3&ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
6340
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
social-share.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
6 KB
2 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=10.3&ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
2504
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
ug-flag.png
aar-insurance.ug/wp-content/uploads/2024/02/
7 KB
7 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/ug-flag.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
f1863e242bf49a7d386930cf129a728433c28ac115fa27ccd0d93a10f4d18e27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
6819
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:53 GMT
content-type
image/png
server
Apache
ke-flag.png
aar-insurance.ug/wp-content/uploads/2024/02/
9 KB
9 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/ke-flag.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
a78e436c0cd0c6caab9bec366b4bcf70c4847b8fae764a22a1f6cd86d2b9f0cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
8878
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
tab-bg.png
aar-insurance.ug/wp-content/uploads/2024/02/
20 KB
20 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/tab-bg.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
305141fc52111c9475899aa4947ffbcd3469fddfc687b9bda96b56e76b5777e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
20820
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
484735
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 20:04:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 20:04:23 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
585240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:09:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 16:09:18 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
370542
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 03:47:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 03:47:36 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
404-6.png
aar-insurance.ug/wp-content/uploads/thrive-theme/images/
6 KB
6 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/thrive-theme/images/404-6.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
9b06b10faafedacaf9be8b0a2aa7ec35a8355e724e93f463d9f61fbeb561a719

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
5757
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:53 GMT
content-type
image/png
server
Apache
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ef231dcd4cbcad51c72ea21b29dc248d1e1676c4cf125563708aee598fd5b91a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"1da701210c2ad11dca7dc468826427a8"
age
281
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
pqCaFZus6FUzi-XgmNgocJwNMjcq4CSAGHRScQQxDf107WZhcQ11fA==
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 13:50:15 GMT
x-77-nzt-ray
8705ec34dcbfffc146bd3d67e708d729
vary
Accept-Encoding
x-77-nzt
EgwBT3/OzgH3fAoAAAwBnJI74gG3AAAAAA
cache-control
max-age=3600, public
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
2684
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b17c5b4b44f178de758b2708d85e677f5ee43ba2ba4b69c094873bb23c0ce88f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
amplify.js
rms.cx/js/feedbackWidget/
8 KB
3 KB
Script
General
Full URL
https://rms.cx/js/feedbackWidget/amplify.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced5776e7f2c4337bc405be205da8f8022b56d3689884b415530ec4b254e2dcf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"20e9-61434818c0a41-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ky8wf5dafzh3UweY4Dh%2BZNGVNypOHoBY24yKecrH8A7qI5kbnSewABbzBqKVgbpkkTt%2BaFCjel3QMP3l51VqRJ1sTfmXuozk9ylRCLXOUGrvrpH0qms69Frzcnf4g9%2FfcCdsRs0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36871&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4201&recv_bytes=4615&delivery_rate=429&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=309&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
application/javascript
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d699ba3c1861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2409
x-xss-protection
1; mode=block
server
cloudflare
main.js
rms.cx/js/feedbackWidget/
11 KB
4 KB
Script
General
Full URL
https://rms.cx/js/feedbackWidget/main.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27531546037212c65953b480ef6d7cc60a9bbc0ca5abcef81341cf876929a6ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"2d64-626b8e1f69ade-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dh%2FfDocFXqmJ6PcSd5LGz2bd3Mo6%2B0suTPlHuIiMFDvD7jUBdDvj5idcaQPyQXrY6O0fHmN9LLnfKyKZPlloBxzOKZHKBk4Wnk88xSe8Sd5DV%2FvHvEJf22bLHEZB3LBgznXZwC4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36871&sent=15&recv=11&lost=0&retrans=0&sent_bytes=7435&recv_bytes=4615&delivery_rate=429&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=338&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:29:27 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d699ba3e1861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3211
x-xss-protection
1; mode=block
server
cloudflare
wp-emoji-release.min.js
aar-insurance.ug/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5365
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
search
aar-insurance.ug/wp-json/iawp/
16 B
395 B
Ping
General
Full URL
https://aar-insurance.ug/wp-json/iawp/search
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
application/json; charset=UTF-8
vary
Origin,Accept-Encoding
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://aar-insurance.ug/wp-json/>; rel="https://api.w.org/"
access-control-allow-credentials
true
allow
POST
x-iawp
iawp
access-control-allow-origin
https://aar-insurance.ug
content-length
36
server
Apache
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
55254
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
widget_app_base_1731678445949.js
cdn.userway.org/widgetapp/2024-11-15-13-47-25/
129 KB
40 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
65cdc73c86e3d902c50f0ed241f93d440515390dd48e33e245fae2a3a17f18af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"de1906d04b0b6988f60d448bb93a2a06"
age
279
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
PV-eaJxzC0ai9prxO0pUmAJu17kNSfYNjTAa-74Ndbt1SqOb6yk7Tw==
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 13:50:03 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec343a368ec446bd3d6759fa7b35
x-77-nzt
EgwBT3/OzgH3L2oGAAwBWbuxDAG3AwAAAA
cache-control
max-age=25920000, public
via
1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
420399
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
0SIDUIMm1H
api.userway.org/api/tunings/
281 B
667 B
XHR
General
Full URL
https://api.userway.org/api/tunings/0SIDUIMm1H
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:48dc:1470:5a6e:6be0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c3235f4616d8236095a95593d96608c62559664401ba70e9bda45a905b454c39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usra231d259c6fb47d
etag
W/"119-SmTJ0UhYtk5OWZT/4H/dtWtTNDg"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
281
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
amplify.css
rms.cx/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://rms.cx/css/amplify.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/amplify.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"a6a-61434818a0e71-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5igY6odO7PKUOCI2NjeRcKFzMJ2rYGYuZE%2B9fRcWYFn6iyVDzDGXwc7jm%2BduO38lGkz0tbMAy%2FIg2Cc08SNxk%2FfF46S3bo74rnqkunOqxUcWvKOIwWp7uukdpwGx2J0hoTB6RcE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47116&sent=21&recv=17&lost=0&retrans=0&sent_bytes=11510&recv_bytes=5665&delivery_rate=192891&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=632&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
text/css
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d69bab391861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
948
x-xss-protection
1; mode=block
server
cloudflare
getWidgetSettings
rms.cx/
2 KB
2 KB
Fetch
General
Full URL
https://rms.cx/getWidgetSettings
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/amplify.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
a27c55abb43fe97dc00ad8dd3fb103c92d35abdc674ad260a5fa2e3cff55ea9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2uuAi1sY8wtdXEsOBpjZ%2FMafUolhby98xo6mPZKhcdgfUFFFy1iDlkr6olsg2JiEIVsy67Y3QL4Bu5QFJrDMpWjmbKEEBZlrQ73fW0tAk5unpSUagjWDRcBSSxwp%2BxqeqCX72M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44375&sent=30&recv=22&lost=0&retrans=0&sent_bytes=16347&recv_bytes=6459&delivery_rate=37325&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=1176&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d69edd3e1861-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-powered-by
PHP/7.2.29
server
cloudflare
getWidgetSettings
rms.cx/ Frame
0
0
Preflight
General
Full URL
https://rms.cx/getWidgetSettings
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aar-insurance.ug
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin
*
allow
POST
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e57d69bab3b1861-EWR
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 10:43:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B7rBdOz3K7uTQYUBgz5yiWs8zF8S1OJEv9C%2BJh%2BbMMnLpNgmRMhjuyT1gvcmyN9P8onK4eJG2IlzpjA0ma8BTRFLPXmqReKTvOaOS7wJEfHPJJlleQZai9onBKg1Is2i%2FGf%2FlY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=45722&sent=23&recv=18&lost=0&retrans=0&sent_bytes=13227&recv_bytes=5708&delivery_rate=6375&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=827&x=1" cfHdrFlush;dur=0
x-content-type-options
nosniff
x-powered-by
PHP/7.2.29
x-xss-protection
1; mode=block
getWidgetSettings
rms.cx/
381 B
1 KB
Fetch
General
Full URL
https://rms.cx/getWidgetSettings
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
6ecbd1f41be704782ab8237a33a591c13ada90966d3217133f3aa237a40a3c2c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1edMvWwMioqIYFE5jMYNrxjUqmFKmZHzCjrq2ZsXkS2D9hFWxNzESHZprQQZ0OJfkXOFRm8ykTtqphLxbF%2B75%2BTrTACpBw7vpIiTd7zW8cCJYX3PWqOZERevcVw9YfvcO%2BAJSB8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44375&sent=28&recv=22&lost=0&retrans=0&sent_bytes=14797&recv_bytes=6459&delivery_rate=37325&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=1153&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d69eed421861-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-powered-by
PHP/7.2.29
server
cloudflare
getWidgetSettings
rms.cx/ Frame
0
0
Preflight
General
Full URL
https://rms.cx/getWidgetSettings
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aar-insurance.ug
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin
*
allow
POST
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e57d69bfb571861-EWR
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 10:43:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vXGUVFQq9Ep1P1k8bSrVUJQgXEcNGeK7PfSBKsaxUxMoqCJ0UxFnf%2Fp7vTWpxZoHqQLiwy3CF%2FpHmzqbYI1DrWtzKUL2XVhz%2F1udTKi%2Fdlpv2Sh6bF9VVLt2olnHzhjL67azoY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=45722&sent=24&recv=18&lost=0&retrans=0&sent_bytes=13977&recv_bytes=5708&delivery_rate=6375&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=834&x=1" cfHdrFlush;dur=0
x-content-type-options
nosniff
x-powered-by
PHP/7.2.29
x-xss-protection
1; mode=block
en-GB.json
cdn.userway.org/widgetapp/2024-11-15-13-47-25/locales/
607 B
944 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/locales/en-GB.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"971644f50e2020e1ff22e37edcad46f6"
age
60
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
INh7YLkJ31uBJXfeCzXM9bq2ymPVXAKnfq_JmElndl4n7fkyx5E-6Q==
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
application/json
last-modified
Fri, 15 Nov 2024 13:50:02 GMT
x-77-nzt-ray
8705ec343a368ec447bd3d6785d11813
vary
Accept-Encoding
x-77-nzt
EgwBT3/OzgH3IWoGAAwBWbuxDAG3DAAAAA
cache-control
max-age=25920000, public
via
1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
420385
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget.js
aarinsurance-ug.freshchat.com/js/
67 KB
22 KB
Script
General
Full URL
https://aarinsurance-ug.freshchat.com/js/widget.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b2c8dbf9946747895038b615829c37a565d25cbc013222cb6af76c3a3fcf30
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

x-request-id
419d3e9a-38d7-412b-8251-217822eceae8
content-encoding
gzip
x-fw-ratelimiting-managed
false
cf-cache-status
HIT
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
expires
Wed, 20 Nov 2024 14:43:19 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 04:29:39 GMT
x-server
r94rv
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=14400
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
2
x-trace-id
00-0f64567b614f63855fc98af8ce295ece-1ba46933fa1044fe-00
cf-ray
8e57d6a02b143a06-YYZ
x-xss-protection
1; mode=block
server
cloudflare
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
55254
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
55254
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
remediation-tool-free.js
cdn.userway.org/remediation/2024-11-15-13-47-25/free/
31 KB
13 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-11-15-13-47-25/free/remediation-tool-free.js?ts=1731678445949
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
17e339a0658da095c4a43f76b0e8c449203e13b603929d28d9b9a32569c69613

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f7897b42dc30bdc88d7030dda469c2c1"
age
280
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
5TKrKvFjJRFh3Z5wIoKk1mwadyk6YdQ3_423oKkHfR2W8N24t67MsA==
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 13:50:13 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec343a368ec447bd3d67d6072731
x-77-nzt
EgwBT3/OzgH3L2oGAAwBWbuxDAG3AQAAAA
cache-control
max-age=25920000, public
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
420399
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/
30 KB
5 KB
Stylesheet
General
Full URL
https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f2af0550fd876a33ddea966e61b5093b"
age
276
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 13:49:27 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec34dcbfffc147bd3d6729985031
x-77-nzt
EgwBT3/OzgH3L2oGAAwBnJI73wG3BQAAAA
cache-control
max-age=864000, public
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
420399
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
select2.min.js
rms.cx/node_modules/select2/dist/js/
66 KB
20 KB
Script
General
Full URL
https://rms.cx/node_modules/select2/dist/js/select2.min.js
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"10964-613eb70838a17-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2si2cUnF272T1m8ZrQ7S50GUT21YdLRialcDE4J4nzl5mPMIJjY%2BsD%2F%2FjAJHxjaNdr2A2VRnkYzjEgtQnTcTuaFxc1Q65HPJcdwC1pixyYFireK0wDn3XM5%2BkQoJBM30O7Mehw4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40246&sent=32&recv=24&lost=0&retrans=0&sent_bytes=25745&recv_bytes=5911&delivery_rate=239829&cwnd=13200&unsent_bytes=0&cid=70cb7740d64cccdd&ts=403&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
application/javascript
last-modified
Mon, 18 Mar 2024 08:49:46 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a18e801849-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
19405
x-xss-protection
1; mode=block
server
cloudflare
fontawesome.js
rms.cx/js/includes/
68 KB
20 KB
Script
General
Full URL
https://rms.cx/js/includes/fontawesome.js
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fda2d5db7a83e236929188ddf0aa073794bbcc16196a32bea3157816b286e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"10edc-61434818c0a41-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uj1QmGKPsxNICvsMaE0uv%2FXmkDvOr4CNUcbBNwC9VkZtXgre0gBJcEjbHuZWp3CGTaj0ZmqtQQZh%2FVkRuDuyugkofrrv4zby%2BWPz1x53J8rq8MYQmTeBZAdrg1iWVs730fVp4DM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40246&sent=43&recv=24&lost=0&retrans=0&sent_bytes=38367&recv_bytes=5911&delivery_rate=239829&cwnd=13200&unsent_bytes=0&cid=70cb7740d64cccdd&ts=424&x=1", cfHdrFlush;dur=8
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
application/javascript
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a18e821849-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
19704
x-xss-protection
1; mode=block
server
cloudflare
form.js
rms.cx/js/customFunctions/
77 KB
17 KB
Script
General
Full URL
https://rms.cx/js/customFunctions/form.js
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d0d2fae9bd071921ab3ae63b38f40bc05eab5f55138cce5b6c3e8a9fb06366
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://rms.cx/js/feedbackWidget/main.js

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"135d5-626b8e1f69ade-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUah3NF4qu%2BJ1vf%2B%2FCWTTit0F4dER8TpNu2FsOAdECdgfUdXMvrGgwzu42RaiSKokq9ooMymHAJ4pZlrwDAD%2Bpr4XWw3yYN%2Bvr73THQ8KqCOOeBxJo2%2B7aDg67t%2F5MUH3yU9dYo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50690&sent=41&recv=32&lost=0&retrans=0&sent_bytes=24875&recv_bytes=7746&delivery_rate=175973&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=1582&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:29:27 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a0fe501861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16624
x-xss-protection
1; mode=block
server
cloudflare
feedbackWidget.css
rms.cx/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://rms.cx/css/feedbackWidget.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb0205fbea18b821bee2cf065484e4f237f6c6f80aa70aba68ccb72f5eb5c4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2f89-61434818a0e71-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qH53guKGm4uZtWhOU9h806kp0%2Bvxy5ZetzY3kWiHPmcosLtnBz9QA1R6fMa%2FpzrnX1nvljEFY2DmoM6z0vMC9fQNd57asGV5pGb3vbZsGhUNiTmK5VNpArmVHdPZ53SrLbNcv7k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47351&sent=37&recv=28&lost=0&retrans=0&sent_bytes=21239&recv_bytes=7573&delivery_rate=11246&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=1498&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
text/css
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a0fe531861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2824
x-xss-protection
1; mode=block
server
cloudflare
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
189145
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Nov 2024 10:43:19 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/07/2024 01:04:57
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
54287b6e94b12be3dfbd353b3e89931f
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8e57d6a1bc3318c8-EWR
access-control-allow-origin
*
cdn-edgestorageid
871
server
cloudflare
cdn-requestcountrycode
US
select2.min.css
rms.cx/node_modules/select2/dist/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://rms.cx/node_modules/select2/dist/css/select2.min.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"3b4c-613eb70838a17-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hq6PoJ94FYY2zwgw2ZVznP6srtLNj4S2n2%2Bg2cezUvo87I2sbA6gYwE0zhBoKuIfmusoWx1yOcbp6R9RmjBCRheAlSk2la5oPjOOkHqRAfTLlETEQYsMgdd%2FLWSRYYXhM5aQoPM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47351&sent=34&recv=28&lost=0&retrans=0&sent_bytes=18443&recv_bytes=7573&delivery_rate=11246&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=1475&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
text/css
last-modified
Mon, 18 Mar 2024 08:49:46 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a0fe551861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2005
x-xss-protection
1; mode=block
server
cloudflare
Speechbubble.png
rms.cx/images/
16 KB
17 KB
Image
General
Full URL
https://rms.cx/images/Speechbubble.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b992d3b2a54995c7cd3b2bd12712f1ac692ebd7ec2f37b5454f32b9832ee863
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cache-status
REVALIDATED
etag
"40ce-61434818b1fe1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ednZ8OsPn4J%2B5GflBnwW3%2BMnMk%2BLtjtbDX3O0tB0RoUY0BVA%2B3k7bpIdJb%2FswT%2F%2FIAVkRIA0xq0t6YHit9OtEVd5CuFiFOqa%2BN606S%2FgGhwa1LaGL3qsq8EtZs%2BsxxdbZ9CVISI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39765&sent=12&recv=14&lost=0&retrans=0&sent_bytes=3858&recv_bytes=5481&delivery_rate=399&cwnd=12000&unsent_bytes=0&cid=70cb7740d64cccdd&ts=318&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
image/png
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a18e831849-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16590
x-xss-protection
1; mode=block
server
cloudflare
star.svg
rms.cx/images/amplify/
684 B
1 KB
Image
General
Full URL
https://rms.cx/images/amplify/star.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20e0da8a685df520e1f353026a43062020285b5eb4989fc619fb47933df6787
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2ac-61434818b46f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxea%2BOlJ%2FfBBXDdyz06AHdi32iuqoUGkmlA4%2BrGb0pG%2F21IX87SL7%2BI7%2Foypbzt4AnDFLYe%2ByFCSx35AlyGi5R0O0%2B5ZdrzjOSPoUnZHzN2%2B5cMInIOGk235jTJgK8ZgAkGJk3A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39765&sent=11&recv=14&lost=0&retrans=0&sent_bytes=2678&recv_bytes=5481&delivery_rate=399&cwnd=12000&unsent_bytes=0&cid=70cb7740d64cccdd&ts=311&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a18e841849-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
rms.png
rms.cx/images/amplify/
3 KB
4 KB
Image
General
Full URL
https://rms.cx/images/amplify/rms.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33105fe477cfdd284f7bd48c61ad6e0ab4e3d0037f20a03f5f5ca2cdc52b1f77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cache-status
REVALIDATED
etag
"d1b-61434818b46f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHZJXXUG4xmjFI5XISEy8OsNPT2yG1mMxXKX%2FU594drGeSshBpE%2Fzy4hsrrBhIc4GOOaRJkIO9cnHTNX0etsZJyMdnQHGQ0Z3bwTpzsX%2FE3%2F%2B7Zb%2FGmVZN18xCS5sAZlU1aT5xg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39765&sent=21&recv=14&lost=0&retrans=0&sent_bytes=14658&recv_bytes=5481&delivery_rate=399&cwnd=12000&unsent_bytes=0&cid=70cb7740d64cccdd&ts=331&x=1", cfHdrFlush;dur=24
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
image/png
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a18e861849-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3355
x-xss-protection
1; mode=block
server
cloudflare
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
368164
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 04:27:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 04:27:15 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
wheel_right_bl.svg
cdn.userway.org/widgetapp/images/
3 KB
2 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/wheel_right_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"66e207a98020ce81d086e97f22a4833c"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
hYM_0q7SeBPx27InzEyOxYf26wyJSL0c3oUzM9jgsaGxUq0SA5h4jg==
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
image/svg+xml
x-77-nzt-ray
8705ec34dcbfffc147bd3d6778f65c35
vary
Accept-Encoding
last-modified
Fri, 15 Nov 2024 13:50:05 GMT
x-77-nzt
EgwBT3/OzgH3GGoGAAwBnJI73wG3GAAAAA
cache-control
max-age=25920000, public
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
420376
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
spin_bl.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f1006e80919a554a181eeffcb6b3e381"
age
2
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
bjOyblOQAgUXvTs7cWVOI3cmkKngMaNilxB59sq_8ApfYANXt3UvvQ==
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Nov 2024 13:50:05 GMT
vary
Accept-Encoding
x-77-nzt-ray
8705ec34dcbfffc147bd3d6755967036
x-77-nzt
EgwBT3/OzgH3L2oGAAwBuTvfFAG3AgAAAA
cache-control
max-age=25920000, public
via
1.1 d5b1e30b6413a7f5a2c9efa2afce8170.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
420399
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
config_iframe.html
aarinsurance-ug.freshchat.com/widget/ Frame F057
0
0
Document
General
Full URL
https://aarinsurance-ug.freshchat.com/widget/config_iframe.html?host=https://aarinsurance-ug.freshchat.com&token=4f844a80-3329-4de1-94de-c938831bce3c&origin=https://aar-insurance.ug
Requested by
Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aar-insurance.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
cf-cache-status
DYNAMIC
cf-ray
8e57d6a39965ab9a-YYZ
content-encoding
br
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Wed, 20 Nov 2024 10:43:20 GMT
last-modified
Thu, 14 Nov 2024 04:29:39 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
cloudflare
strict-transport-security
max-age=0
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
ba6065e7-24e7-4690-8ed8-9784948e189d
x-server
mm65r
x-trace-id
00-dfa3f3f53bcbd344735e32b1dbe34d80-67a55a87eddbd35b-00
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/
3 KB
755 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Requested by
Host: rms.cx
URL: https://rms.cx/css/feedbackWidget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
341ebdce02a1c8af36a43925b8b28c6fed61987a86016c4fb71c3a6a3e745b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://rms.cx/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 10:43:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
386961
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 23:13:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 23:13:59 GMT
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14780
x-xss-protection
0
server
sffe
tcb-base-css-19-1721111255.css
aar-insurance.ug/wp-content/uploads/thrive/
17 KB
0
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/uploads/thrive/tcb-base-css-19-1721111255.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
4814
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Tue, 16 Jul 2024 06:27:35 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.min.css
aar-insurance.ug/wp-includes/css/dist/block-library/
112 KB
0
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-includes/css/dist/block-library/style.min.css?ver=6.7
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Tue, 12 Nov 2024 23:00:04 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.css
aar-insurance.ug/wp-content/themes/thrive-theme/
18 KB
0
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/style.css?ver=10.3
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
d0637681fdc0e8a5efebb994dfb20709aeb7894554cbf31493f86a06721f15c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5259
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 04 Nov 2024 10:44:51 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
css
fonts.googleapis.com/
3 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f126c9c23e36efd1d39996a79913ae93dda6d30a7bc108ac58060bedfbcefdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:43:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 10:43:18 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
12 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,500,300,700,800,200,900,400i,500i&subset=latin&display=swap
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2358d1f0d1331ff382cb07d841ed2b03ce1e09e5e0b8a4f4c4fbea872ce4361d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:43:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:43:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 10:43:18 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
amplify.css
rms.cx/css/
3 KB
0
Stylesheet
General
Full URL
https://rms.cx/css/amplify.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"a6a-61434818a0e71-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5igY6odO7PKUOCI2NjeRcKFzMJ2rYGYuZE%2B9fRcWYFn6iyVDzDGXwc7jm%2BduO38lGkz0tbMAy%2FIg2Cc08SNxk%2FfF46S3bo74rnqkunOqxUcWvKOIwWp7uukdpwGx2J0hoTB6RcE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47116&sent=21&recv=17&lost=0&retrans=0&sent_bytes=11510&recv_bytes=5665&delivery_rate=192891&cwnd=12000&unsent_bytes=0&cid=868fc9b3d033ef11&ts=632&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 10:43:19 GMT
content-type
text/css
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d69bab391861-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
948
x-xss-protection
1; mode=block
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/
87 KB
16 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"620188b3-3b90"
age
60202
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGCjjuDEQqorgc7%2FoCgfdIsd%2F7ctNKLD5HA9JFyr0j5KLxa15faaJoUN8icHFEzrpL9btbPEZzBQY%2FJA5w8Zhxupwev2Xng5cDAZms9cmUOVwdKqrO1U4KYPOLYDJnKCiuOrsnIouJCfrgcJV%2BgfHSlD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 10:43:20 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Feb 2022 21:01:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e57d6a4bcdb43cb-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
15248
server
cloudflare
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
55254
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
370542
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 03:47:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 03:47:36 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
368164
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 04:27:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 04:27:15 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
484735
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 20:04:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 20:04:23 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
585240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 16:09:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 16:09:18 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr

Response headers

accept-ranges
bytes
content-length
55254
date
Wed, 20 Nov 2024 10:43:18 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
/
aarinsurance-ug.freshchat.com/widget/ Frame 04BA
0
0
Document
General
Full URL
https://aarinsurance-ug.freshchat.com/widget/?token=4f844a80-3329-4de1-94de-c938831bce3c&referrer=aHR0cHM6Ly9hYXItaW5zdXJhbmNlLnVn&eagerLoad=true
Requested by
Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.140.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aar-insurance.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
cf-cache-status
DYNAMIC
cf-ray
8e57d6a63bb5ab3a-YYZ
content-encoding
br
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Wed, 20 Nov 2024 10:43:20 GMT
last-modified
Thu, 14 Nov 2024 04:29:39 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
cloudflare
strict-transport-security
max-age=0
x-envoy-upstream-service-time
2
x-fw-ratelimiting-managed
false
x-request-id
67c451af-788c-4996-8b42-68c3573e2f75
x-server
p49l2
x-trace-id
00-06acc7d777460328517fea6e62d10dec-f263ea1bfae1a044-00
x-xss-protection
1; mode=block
widget.css
aarinsurance-ug.freshchat.com/widget/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://aarinsurance-ug.freshchat.com/widget/css/widget.css?t=1732099400652
Requested by
Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

x-request-id
7ece9a0a-323c-4494-8c67-3b4ed7330799
content-encoding
gzip
x-fw-ratelimiting-managed
false
cf-cache-status
MISS
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
expires
Thu, 20 Nov 2025 10:43:20 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 04:29:39 GMT
x-server
p49l2
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
2
x-trace-id
00-0d9eec696a18d9336c6a0aa93fac1778-b555bdd58048f083-00
cf-ray
8e57d6a62dd03a06-YYZ
x-xss-protection
1; mode=block
server
cloudflare
rms.png
rms.cx/images/amplify/
3 KB
0
Image
General
Full URL
https://rms.cx/images/amplify/rms.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33105fe477cfdd284f7bd48c61ad6e0ab4e3d0037f20a03f5f5ca2cdc52b1f77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cache-status
REVALIDATED
etag
"d1b-61434818b46f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHZJXXUG4xmjFI5XISEy8OsNPT2yG1mMxXKX%2FU594drGeSshBpE%2Fzy4hsrrBhIc4GOOaRJkIO9cnHTNX0etsZJyMdnQHGQ0Z3bwTpzsX%2FE3%2F%2B7Zb%2FGmVZN18xCS5sAZlU1aT5xg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39765&sent=21&recv=14&lost=0&retrans=0&sent_bytes=14658&recv_bytes=5481&delivery_rate=399&cwnd=12000&unsent_bytes=0&cid=70cb7740d64cccdd&ts=331&x=1", cfHdrFlush;dur=24
date
Wed, 20 Nov 2024 10:43:20 GMT
content-type
image/png
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e57d6a18e861849-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3355
x-xss-protection
1; mode=block
server
cloudflare
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Faar-insurance.ug%2Foqu%2Flaodtaiueiaedpseenmr/DESKTOP/WIDGET_OFF/
77 B
454 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Faar-insurance.ug%2Foqu%2Flaodtaiueiaedpseenmr/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:48dc:1470:5a6e:6be0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
77
date
Wed, 20 Nov 2024 10:43:24 GMT
content-type
application/json; charset=utf-8
x-service-version
seo-w-eb3c4543
vary
Accept-Encoding
access-control-allow-headers
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aar-insurance.ug
URL
blob:https://aar-insurance.ug/02dd011d-2f97-4a3e-9dda-06067cdacec3

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| flatStyles function| lightspeedOptimizeStylesheet function| lightspeedOptimizeFlat object| _wpemojiSettings function| jQuery function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| tve_frontend_options object| ThriveGlobal object| TCB_Front function| tve_is_email object| thrive_front_localize object| ThriveTheme function| initFreshChat function| initialize function| initiateCall object| tve_dash_front object| TVE_Dash object| tcb_current_post_lists object| tcb_post_lists object| TL_Const object| twemoji object| wp object| UserWayWidgetApp function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway function| loadSwiper function| getIcon function| loadGrid function| loadCaurosel function| loadPopup function| closePopup function| nextReview function| prevReview function| showMore function| rmsReviewText function| rmsReveal function| setupCarousel function| postData object| rmsFinalQuestionList object| rmsFinalQuestionList2 object| rmsAnswers string| rmsSurveyColor string| rmsPost object| rmsSettings string| rmsSource function| changeInnerHTML function| openModal function| closeModal function| closeSurvey function| loadingS function| getSurvey function| includejQuery object| UserWay object| setting function| rmsJquery function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async object| fcWidget function| saveEmotion function| saveDropDown function| saveMultiChoice function| changeColorsOpinon function| saveOpinionScale function| questionSwitch function| saveFreetxt function| saveMultiChoiceChat function| selectRmsTag object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome

1 Cookies

Domain/Path Name / Value
.freshchat.com/ Name: __cf_bm
Value: 2byRPHePzk_HoeEos1meI8IJJo7HTuhB028ZSxU.Fwo-1732099402-1.0.1.1-BLj_7krCufMrelYxNSs124ZHEQt_mw1eukXitm9EpHDSADlNCSgiGrMw3DRptqU55SryFh6GW0DnSlMv3MXIkA

1 Console Messages

Source Level URL
Text
network error URL: https://aar-insurance.ug/oqu/laodtaiueiaedpseenmr
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aar-insurance.ug
aarinsurance-ug.freshchat.com
api.userway.org
cdn.userway.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
rms.cx
stackpath.bootstrapcdn.com
www.google.com
aar-insurance.ug
162.159.140.147
172.66.0.145
192.185.92.35
2600:1f14:5db:eb11:48dc:1470:5a6e:6be0
2606:4700:3037::ac43:bc9c
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4006:808::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2a02:6ea0:c400::53
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9
17e339a0658da095c4a43f76b0e8c449203e13b603929d28d9b9a32569c69613
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
2358d1f0d1331ff382cb07d841ed2b03ce1e09e5e0b8a4f4c4fbea872ce4361d
27531546037212c65953b480ef6d7cc60a9bbc0ca5abcef81341cf876929a6ad
27755bd63ec28b85ea92db1879e49759b6b6b80682506ff3233ab8e896a34f66
305141fc52111c9475899aa4947ffbcd3469fddfc687b9bda96b56e76b5777e8
30fda2d5db7a83e236929188ddf0aa073794bbcc16196a32bea3157816b286e9
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
33105fe477cfdd284f7bd48c61ad6e0ab4e3d0037f20a03f5f5ca2cdc52b1f77
341ebdce02a1c8af36a43925b8b28c6fed61987a86016c4fb71c3a6a3e745b50
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3f126c9c23e36efd1d39996a79913ae93dda6d30a7bc108ac58060bedfbcefdd
4b992d3b2a54995c7cd3b2bd12712f1ac692ebd7ec2f37b5454f32b9832ee863
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
65cdc73c86e3d902c50f0ed241f93d440515390dd48e33e245fae2a3a17f18af
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0
6ecbd1f41be704782ab8237a33a591c13ada90966d3217133f3aa237a40a3c2c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e
88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186
89b2c8dbf9946747895038b615829c37a565d25cbc013222cb6af76c3a3fcf30
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b06b10faafedacaf9be8b0a2aa7ec35a8355e724e93f463d9f61fbeb561a719
a27c55abb43fe97dc00ad8dd3fb103c92d35abdc674ad260a5fa2e3cff55ea9a
a78e436c0cd0c6caab9bec366b4bcf70c4847b8fae764a22a1f6cd86d2b9f0cf
acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8
b17c5b4b44f178de758b2708d85e677f5ee43ba2ba4b69c094873bb23c0ce88f
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3235f4616d8236095a95593d96608c62559664401ba70e9bda45a905b454c39
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb0205fbea18b821bee2cf065484e4f237f6c6f80aa70aba68ccb72f5eb5c4d
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ced5776e7f2c4337bc405be205da8f8022b56d3689884b415530ec4b254e2dcf
d0637681fdc0e8a5efebb994dfb20709aeb7894554cbf31493f86a06721f15c3
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e20e0da8a685df520e1f353026a43062020285b5eb4989fc619fb47933df6787
e8d0d2fae9bd071921ab3ae63b38f40bc05eab5f55138cce5b6c3e8a9fb06366
ee1b3b50e58e125a0976100562d05d02e371b3b0ce8f3cddae3e51fdbba12920
ef231dcd4cbcad51c72ea21b29dc248d1e1676c4cf125563708aee598fd5b91a
f1863e242bf49a7d386930cf129a728433c28ac115fa27ccd0d93a10f4d18e27
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7571c6ad41ea6369adc240d29a225b3a6b683b753926fd0f613800917a98657