x1lifeinsure.pages.dev Open in urlscan Pro
172.66.44.204  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response x1lifeinsure.pages.dev/	40 KB 12 KB	222ms 114ms	Document text/html	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 561203798fc04b2e478587ac7021074b6656919edb12ea8183104f89e881d830 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language pt-PT,pt;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-ray 888c55246a756935-LIS content-encoding br content-type text/html; charset=utf-8 date Fri, 24 May 2024 09:41:54 GMT etag W/"9de2bb2f8cf19c5c98cb867d94d7794c" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uz6iHBUju0DfWcH1sR5X907FXnnaVxKVfPzt6V4VsdwoVeCPefVdw3uCnm%2FGNOAXkqX2ap4ok8uDIbqPsIkXQMfYb0YAoeo4QpsAqtzcuDlBJTVWdXQUVHaYdP3a%2FWFIAzxGzaBSKJON"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H3	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/	119 KB 24 KB	101ms 51ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1074 strict-transport-security max-age=31536000; includeSubDomains; preload age 3763559 cdn-cachedat 10/31/2023 20:14:24 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"7f89537eaf606bff49f5cc1a7c24dbca" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid dae22ca512c47a2f5ffdb5a789e9f414 timing-allow-origin * cdn-requestcountrycode FR cdn-status 200 cf-ray 888c55257cd7343d-LIS cdn-requestpullsuccess True
GET H2	200	phishing_login_lang.css x1lifeinsure.pages.dev/css/	19 KB 5 KB	101ms 98ms	Stylesheet text/css	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cb089bdc1db1ada964b71089c2031441341497201cfd43c48a5a7bc513c9533 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b93609ef1c4541bb4b66aeb1fab95a0a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N99Kd6dvyNJe3xVPuicturTVYY%2BzKd2WUKNG3yxP2i4Ipyc7T1Tvpqis%2BKu8DeYNdQ%2BxS64J%2BRHKxRD1FYA2JmggKs2Ky8RbimnPvM6En0FqsJrphcqr5vqrFZc1cIf6Ol29kNJupXem"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bac6935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	237ms 76ms	Script text/javascript	172.217.16.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f10.1e100.net Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 22:12:23 GMT content-encoding gzip x-content-type-options nosniff age 41371 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 22:12:23 GMT
GET H3	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/	39 KB 13 KB	142ms 93ms	Script application/javascript	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617 strict-transport-security max-age=31536000; includeSubDomains; preload age 3757577 cdn-cachedat 2021-08-01 19:19:12 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 6923066369371d6997c92d232b1a01f3 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 888c55257cd8343d-LIS cdn-requestpullsuccess True
GET H2	200	common_virtual.js Show response x1lifeinsure.pages.dev/js/	21 KB 5 KB	104ms 102ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/common_virtual.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0291e1e05611151da9457d0a23058d8252e291290b128595633279f708a1699d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3bc5118e8f3e26a7ceff0659d0e5fe4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRiTtDDWCiuO%2B4PW9tinQLRajL%2FHX1h50%2FXkr8sbYVCIezEW3KZO38MGHCKGnuI41LW%2Fi90o40%2F8ebXLy4Dx%2BoGYj8l1To8DizEENHDWU9tJFuHOoZyQYYD%2FXn%2F7Zt1E3NiBXE9UrBTp"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bae6935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	virtualkb_login.js Show response x1lifeinsure.pages.dev/js/	7 KB 3 KB	112ms 110ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/virtualkb_login.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b28b184bb6ff20f6db190b2186dbc13acf303ff8179da3b711dff366fdcab263 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"20f99c49351ad4fd15a308174c762ddf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLDIQRGe9oi16I2HFhYcVbnmeQzxoJLd%2FNqCuLLizcLr14KNVa5gFek5Xyfslj8hVco26NYbUxZWyDgB%2F%2BzTtArvyPYOcMO8g4VZc2STgi3cAVPYh3TTHzDWvblx%2BwVHrcDMW07xa%2Frv"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252baf6935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	jquery.vticker.min.js Show response x1lifeinsure.pages.dev/js/	2 KB 999 B	98ms 96ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/jquery.vticker.min.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b29a6a9164359e6b62430255b62d2adfcfa77f2153a3aedb8ed619f5cd8a046 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5c4271f9702e0370ba71150e691cd959" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUcLQCKMaeEOqzKRiJsJAaxI8uLqApGVeJ%2Bk%2BtE7%2BXODNp%2FEe%2FCIhcR5uJdIT2pW%2Bj2iPg1%2BD3gFtdW7rVVSgeUsMjI2i42t%2BD5OF%2Bx7kF63n6kOT5xGfO41TohF3ZGF99DoeLs23WQZ"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bb16935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	loginbottomtop.js Show response x1lifeinsure.pages.dev/js/	773 B 536 B	117ms 115ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/loginbottomtop.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61982dc2016a9e5293c4ee4bd9c20a3d1627c0d5efec0177df1206d2b7bedfda Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4346f6b42bce2de52f8a5d39a01c0695" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRmJ4KzOiBv0boSXNEMNjnwBxs3Td%2BKZU6yaSsHCSUTrzRsvgN2d39DRcxnGzJHlUjG71b6R3LfStpL9RY3ayxrHkLDETYaYXPiSgwTWceC%2FA%2FjWHjyN55F7wcFHdNuRsFHYdFwMB7sa"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bb36935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	loginTrouble_5034_security.js Show response x1lifeinsure.pages.dev/js/	5 KB 1 KB	110ms 108ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/loginTrouble_5034_security.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fa07d8475d14e8182dda2d241e906a02fcdf9e552b9b73e87135104236f8c19 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9d87f555ff73848f128c521af71f1435" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jyBlA%2B2wqSUfRhLglCxVQiQy0cnkg2kVrS39%2BFBERogm9AQ%2B%2FBwYaIy8T3%2Fj%2FDofUJroaVl8Yo6%2FzoXCL2h9ybFrQaHvAYnbg%2Fph0jEBocviAEmVdBaSUmGCfMWTAQW0wBzfINZEcZB"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bb46935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	md5_5034.js Show response x1lifeinsure.pages.dev/js/	7 KB 3 KB	129ms 128ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/md5_5034.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d58105906529c5e7d37d81d7f10e9fd044df4a2f6ff31411f598c8d7505ce3f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b96b320e81e9ed077e034bf42f44979d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=II1Omg%2Bt6gg05PZVnYj63ET7XffbC%2BPNbowEFce2KjJ9fRDhH3C431SAEo%2B0dCRv6YG2UTwYS1WS3aRDLIL7v6GKOuiSVoRODvp5gcV6XDUGTMUDsk1kNG9wihDUka6dbqx0b4TMMG3%2B"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bb56935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	sha512.js Show response x1lifeinsure.pages.dev/js/	12 KB 5 KB	123ms 121ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/sha512.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46f61472da2ecf768076b0c23f2a888499c09b577315bce0b62798ce145af53d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d8521e6015e9824b0d7e90c55e0b098a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSu%2BQe%2FupzyYZ7T%2F55jirXiTp%2FSCUrY8E56dO6iqWZFK%2Bwz6jdfJ09JmQnt8ZgLB0PKi%2B3SnZY9%2B3nmKxft50QB%2BN8d%2FGjiqc8OS1%2FJwAyaPeu91pxr8f%2FJh61BaleJo0%2BbYLVnbqDJI"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bb76935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	profile_sha10092020.js Show response x1lifeinsure.pages.dev/js/	10 KB 2 KB	114ms 113ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/profile_sha10092020.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67f10b9c066365803c648f8640b4d1d99d39861738c928d35bfc805f81ed3b3c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37a1ad2fa8ad0640398aabb2b89d7734" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mn%2B8Oxgf3oOrzT7%2BCufGPujjor4mTNDY%2FHlOTB3hdfL27L%2FikHM50fEiKhqJZ%2FQMwQPrRI0IzJwiV8%2F352vnpgh2zu7BF7mnD1Zwo%2FdK7l2vcSRtfMsL2o0XbHIfOZMQswCJDCZqc4RR"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bbb6935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	common.js Show response x1lifeinsure.pages.dev/js/	22 KB 5 KB	117ms 116ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/common.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5f635d9e1357f36d0d735fc4d52faf10c86bb4689949b496055b0495503e251 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"45a92cfab217930ccadd2cd2aa1f0c8b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqSjj7cg5UEXqoV7uVMpMfXxQjubPTsdm6tymXVXThWt5zXcPHzJxuTSJLqsu7jSyfWLTodmvrFvW1TT4mGQTrMoU6Lgco%2FmSAb%2Bq8A482Vlh%2FOTjjt2zvxI5NxwUZoG4Q9oi4ERJUc7"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55252bbd6935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	profile_sha_gc3_sec_260819.js Show response x1lifeinsure.pages.dev/js/	13 KB 2 KB	161ms 160ms	Script text/javascript	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x1lifeinsure.pages.dev/js/profile_sha_gc3_sec_260819.js Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d2be3dbc9161fda2a81cef257a67af39f29ab4f8a09d65569ccbe3f141b566e Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"ac5321bfa4265c49a6a380f67992c582" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1zS7XQRzodr9BYfY2xmUTH1GCBhn48qVX%2FSu9VXjmsjoypIgSXyffd6IL83zJWgUFNVSqFz1aTn02hnT5uGAix7tZ1ucfn%2FjL7HRa8sBa%2F0YeuXGqo80LCdVVhwWdcObDS9hj1wVtM0"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55256c236935-LIS alt-svc h3=":443"; ma=86400
GET H2	200	HomeLoanButton.png x1lifeinsure.pages.dev/img/	20 KB 20 KB	139ms 139ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/HomeLoanButton.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a628590db5c4eece8db60001a7d58a58d866c37fdcf048aa129dac4722033606 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5bfa849d3c3bd74b9e57df7302b51b01" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6fit4%2FC1NLeOW0S4OFGS3Xm6j03y4I4b3gjMdoqU0eYTEdg%2BPXCdOBAeLiZf2sXk53GpPPzWP92Ibv5rybESOrxWm4EJEUTXIlS7cZv4XUKED%2B0ukuq7GX8%2Fm70hd47bnUn6xSW2n32"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55256c296935-LIS alt-svc h3=":443"; ma=86400 content-length 20385
GET H2	200	personal_banner.jpg x1lifeinsure.pages.dev/img/	74 KB 74 KB	163ms 162ms	Image image/jpeg	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/personal_banner.jpg Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c37ce37550aacf3097f908793a152f355c492f50581fee55699e940b0c21008 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c17d782f5dd41e1e3ff10e295c25b13f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLOqEftVgm%2FndCxrMuzWOjGr4q%2BXZRnYbuBBEpKx9Pk2PUy3NMvuUmqKn4IWsfm1hP6nA%2BMqPpJI6SeLCsYo8Jap4zjqgz%2B8xA%2B%2F28JF4ot%2B2cKOAv5NK3YStiX2kYYBvjOprHoVx5aG"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55256c2d6935-LIS alt-svc h3=":443"; ma=86400 content-length 75616
GET H3	200	captcha.png x1lifeinsure.pages.dev/img/	13 KB 13 KB	124ms 124ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/captcha.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 862c798304becd84843edf26b1cff057b461b19cf878b414aed418e36528b8a3 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0b677e89eeac4d64c2af4c977de25b98" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xhtnCdjLSewFiCH1bXpQxRXGTwiRH62s4%2BUkI3KlPxGWgkL1yEGyyrz9xoE5ZrkPNYoHMcYZZ7sgOUacQzHuyGDDOIBX3gUe0uZU0%2BG0PjoNqIgs7POz5S1hsj%2B9Vg6gt6Eklo9YeUj"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e414898-LIS alt-svc h3=":443"; ma=86400 content-length 13035
GET H3	200	login_img.png x1lifeinsure.pages.dev/img/	193 KB 194 KB	99ms 98ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/login_img.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a88ae05386ec4d0225edd6d78fe760350fcd2ec441067788eb6ffba78c69126e Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7f68acc9803ae82ef74e570d8bd4651a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXgFwvz%2B5qygY%2BWYecENFh7z85KLV1ehlmieE4B4fV7dMmKLB%2Fyt8g86mXVEi9H2VT7OTh72Eidocl1yE13pWPm7bbNhPWdWJfb7UemnAEN4954rnyjgJ7GCUy1BssnCM7uAOrwjBOQ%2B"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55262cb04898-LIS alt-svc h3=":443"; ma=86400 content-length 197806
GET H3	200	veriSign_logo.png x1lifeinsure.pages.dev/img/	2 KB 3 KB	225ms 225ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/veriSign_logo.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e6f202ec2e66324d37eab78a4884fc70375db0497f9ae00d87ab21a982a1288 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "45e4101162cb85671feeb33794abd40a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIAOiEvHSFlw8SUHrBdWOyjmKmKyV67wRH26c1d21tiSfVprBSF5cFpSdTGRz%2B1jpe778vELOsxL82FTaHooSYlMTgsYLftxvdb%2BEMX098N2IOSu08qSL90wuFBcSurkL06t5v8jZwhH"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55266d174898-LIS alt-svc h3=":443"; ma=86400 content-length 2228
GET H3	200	netbanking_img.png x1lifeinsure.pages.dev/State%20Bank%20of%20India%20-%20Personal%20Banking_files/	40 KB 40 KB	124ms 123ms	Image text/html	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/State%20Bank%20of%20India%20-%20Personal%20Banking_files/netbanking_img.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9de2bb2f8cf19c5c98cb867d94d7794c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Dn286L711qLgsaJ8AirWczQxaZL82z4pl6MxrO1NszaqLNFndbVCKbHGG2AmLR1HrCEqtDstk5OKNLi%2Fj6x3GzNAApx8orW6wGrMX8TUGsvuZtruKUQx276EXCDc6KFysyGrQALZQQg"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e3b4898-LIS alt-svc h3=":443"; ma=86400
GET H3	200	logo_sprite.png x1lifeinsure.pages.dev/img/	38 KB 39 KB	159ms 158ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/logo_sprite.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 894c7dd5b82eb62abe7578e84bb55a8bddd064761dfa1941e142ead5172b4355 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "cbb9191330aad75fd4dc83a430d8fd4a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORu3iU6xTlYgJOZVFFTO%2Bj0ZCrMgsxLGBM6qLDx0k27WFkYfPbtcJv2liI2ODii8BDxAgnbOElXHdw0Hj2jiSvONehBlYKwjPFlTp12zWZOZbHigH1XWHPH%2FRSvqrDbqOl2JI8B%2F7eYd"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e4e4898-LIS alt-svc h3=":443"; ma=86400 content-length 38972
GET H3	200	footer_separator.png x1lifeinsure.pages.dev/css/img/	40 KB 40 KB	118ms 118ms	Image text/html	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/css/img/footer_separator.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9de2bb2f8cf19c5c98cb867d94d7794c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwKdGIUSg715K6hWDdVWGtaORA7HurvtkAQy8okdM3F5IpqYxryrbJ%2FXqQWVcFT9ON4%2BpetrKPFzaxO5HSwidNvfaFsQ3c4VFz1y8%2FS%2Bexc%2FZDuaz6b3d%2BojzkyFYwHsVjYKKybaXBBq"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e544898-LIS alt-svc h3=":443"; ma=86400
GET H3	200	green_smiley.png x1lifeinsure.pages.dev/img/	19 KB 20 KB	120ms 120ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/green_smiley.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9a1d7f4f4905e3131676291515cc122232cda23fbc106cfca5f9a24739e29c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2fcddfa4be4aa9d1b0639d7f8e2502ab" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhcUHaN1d5t0ipbV%2F5Tpw02JCEKivLhxAuYFKrvnfBNgyU1NoTXaHtnKQR5ssi7Z6JoIrFhXyWWUxabomeiWctuB5hVQZTS9XMee%2FWXmRGKv4v%2BQIwvdbYJOtoOhLzO%2B5tSNR3JPRTi3"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e5a4898-LIS alt-svc h3=":443"; ma=86400 content-length 19538
GET H3	200	red_smiley.png x1lifeinsure.pages.dev/img/	20 KB 20 KB	120ms 120ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/red_smiley.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d713897b10bac1e8642e21bebaca16a7d5afec6db669c498252d1f781fd9dd0 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "918c607c2bcb1c27e4d904fbfd630e29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yej4S4%2FT2IbosAouN6bmw0kj8YfupHxvgI5Eczm5KvdXOTFK%2B8RqRP98aoiQpGddsX%2FhuRC6q4Jtl9zhbl6Us6wsj4CODC%2FUN9depyQRgWyYmo3iDZ%2BfTsrp40gvuuGH80TGYokw7C2v"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e604898-LIS alt-svc h3=":443"; ma=86400 content-length 20020
GET H3	200	list_arrow.png x1lifeinsure.pages.dev/img/	981 B 1 KB	121ms 120ms	Image image/png	172.66.44.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x1lifeinsure.pages.dev/img/list_arrow.png Requested by Host: x1lifeinsure.pages.dev URL: https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.204 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed662dca5eed9bd75ca1496307ad7ce5d797ab2359e47350bdbe075a422dbce2 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/css/phishing_login_lang.css Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:41:54 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6f287e41658b3ac927321a5562346fd0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIhwPq%2BV7NPKqbFf3M%2FTIHEV0%2FXk09y4Fz%2FWdpqhk73h63jRGS3TodiScCXd7xhqkYQq0aY%2BxEzdOUh0KPvbsd1EUh726yPe%2BpOekol%2FKISqh99I2s%2B63qe29FE2h%2Bu7Vg2ZBvrLe3uM"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 888c55271e624898-LIS alt-svc h3=":443"; ma=86400 content-length 981
GET H2	200	resizeimage.ashx cdn.page-source.com/	0 143 B	230ms 78ms	Image text/plain	54.38.211.230 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.page-source.com/resizeimage.ashx?ig=x1lifeinsure.pages.dev&sz=105411 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.38.211.230 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip230.ip-54-38-211.eu Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-powered-by-plesk PleskWin date Fri, 24 May 2024 09:41:54 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/plain cache-control private content-length 0
GET H/1.1	200 OK	favicon.ico retail.onlinesbi.sbi/sbijava/retail/images/	1 KB 2 KB	837ms 238ms	Other image/x-icon	103.68.221.191 SBI-EMS-NET-IN IT...
General Check archive.org Show headers Download Go to Full URL https://retail.onlinesbi.sbi/sbijava/retail/images/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.68.221.191 , India, ASN45644 (SBI-EMS-NET-IN IT-Networking Department, IN), Reverse DNS Software / Resource Hash b341501fb21ca12002ba729f3dec4ab8684ba04ef64640ade67ea4233f1b67ba Security Headers Name Value Content-Security-Policy object-src 'self'; frame-src 'self'; child-src 'none'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://x1lifeinsure.pages.dev/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 24 May 2024 09:41:55 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Referrer-Policy strict-origin-when-cross-origin X-Content-Type-Options nosniff Last-Modified Fri, 02 Jun 2017 09:54:03 GMT Content-Security-Policy object-src 'self'; frame-src 'self'; child-src 'none'; frame-ancestors 'none'; X-Frame-Options SAMEORIGIN Content-Type image/x-icon Cache-Control no-cache, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 1150 X-XSS-Protection 1; mode=block

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| disableautocompletion function| checkSpecial function| selectAddress function| selectPaymentMode function| addressValidation function| onSubmitCheckbook function| selectAccountNo function| changeButton function| validateTransfers function| standOnSubmitValidate6 function| standOnSubmitValidate5 function| standOnSubmitValidate4 function| standOnSubmitValidate2 function| standOnSubmitValidate1 function| rTrim function| dateValidation function| displayNo function| dateValidation1 function| getBankSystem function| setBankSystem function| validateTransfersForAccount function| openpopup undefined| fieldObj boolean| bCaps number| focus_count string| sHTML string| tempVk function| getArr function| getFocus function| constructKeyboard function| putChar function| setCaretTo function| changeCase function| setCaps function| toggleCap function| setClearAll function| backspacevk function| vkClear function| shuffle function| validateForm function| submitLogin function| submitRSupportLogin object| troubleID function| showForm function| submitPPK function| submitSupportLogin function| disableCtrlKeyCombination function| MD5 function| encryptPassword function| encryptLoginPassword object| CryptoJS function| encryptSha2LoginPassword function| encryptSha2ProfilePassword function| encryptShaPassCode function| verifyProfilePasswordSha function| profilePWDValidationSha function| validateSetPasswordSha function| submitLoginSha function| verifyProfilePasswordShaSalt function| encryptSha2ProfilePasswordVerify function| profilePWDValidationShaRetail function| setFocus function| disableSubmitButton function| statusChange function| selectAccountNoDD function| isNumberCheck function| submitLoginShagc string| message function| clickIE4 function| clickNS4 function| init function| fnShowContent function| fnNewUserClick function| openemail boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isIE boolean| isEdge boolean| isChrome boolean| isBlink function| getUserSelImgCaptcha function| getUserSelAudCaptcha function| refreshImg

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://x1lifeinsure.pages.dev/ Message: [DOM] Found 2 elements with non-unique id #capOption: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://x1lifeinsure.pages.dev/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.page-source.com
maxcdn.bootstrapcdn.com
retail.onlinesbi.sbi
x1lifeinsure.pages.dev
103.68.221.191
104.18.11.207
172.217.16.202
172.66.44.204
54.38.211.230
0291e1e05611151da9457d0a23058d8252e291290b128595633279f708a1699d
0c37ce37550aacf3097f908793a152f355c492f50581fee55699e940b0c21008
0cb089bdc1db1ada964b71089c2031441341497201cfd43c48a5a7bc513c9533
2d2be3dbc9161fda2a81cef257a67af39f29ab4f8a09d65569ccbe3f141b566e
2d58105906529c5e7d37d81d7f10e9fd044df4a2f6ff31411f598c8d7505ce3f
3b29a6a9164359e6b62430255b62d2adfcfa77f2153a3aedb8ed619f5cd8a046
46f61472da2ecf768076b0c23f2a888499c09b577315bce0b62798ce145af53d
561203798fc04b2e478587ac7021074b6656919edb12ea8183104f89e881d830
61982dc2016a9e5293c4ee4bd9c20a3d1627c0d5efec0177df1206d2b7bedfda
67f10b9c066365803c648f8640b4d1d99d39861738c928d35bfc805f81ed3b3c
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6fa07d8475d14e8182dda2d241e906a02fcdf9e552b9b73e87135104236f8c19
862c798304becd84843edf26b1cff057b461b19cf878b414aed418e36528b8a3
894c7dd5b82eb62abe7578e84bb55a8bddd064761dfa1941e142ead5172b4355
8d713897b10bac1e8642e21bebaca16a7d5afec6db669c498252d1f781fd9dd0
9e6f202ec2e66324d37eab78a4884fc70375db0497f9ae00d87ab21a982a1288
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a628590db5c4eece8db60001a7d58a58d866c37fdcf048aa129dac4722033606
a88ae05386ec4d0225edd6d78fe760350fcd2ec441067788eb6ffba78c69126e
b28b184bb6ff20f6db190b2186dbc13acf303ff8179da3b711dff366fdcab263
b341501fb21ca12002ba729f3dec4ab8684ba04ef64640ade67ea4233f1b67ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f635d9e1357f36d0d735fc4d52faf10c86bb4689949b496055b0495503e251
e9a1d7f4f4905e3131676291515cc122232cda23fbc106cfca5f9a24739e29c6
ed662dca5eed9bd75ca1496307ad7ce5d797ab2359e47350bdbe075a422dbce2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d