insurance.welnext.com Open in urlscan Pro
13.126.209.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://insurance.welnext.com/
Effective URL:
https://insurance.welnext.com/
Submission Tags: falconsandbox
Submission: On January 12 via api (January 12th 2022, 11:20:59 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 13.126.209.204, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is insurance.welnext.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 8th 2021. Valid for: a year.

This is the only time insurance.welnext.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	13.126.209.204 13.126.209.204	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
22	4

13 13.126.209.204 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

insurance.welnext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	welnext.com 1 redirects insurance.welnext.com	594 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	336 KB
4	google.com www.google.com — Cisco Umbrella Rank: 8	38 KB
22	3

	Domain	Requested by
13	insurance.welnext.com	1 redirects insurance.welnext.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	insurance.welnext.com www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
22	4

This site contains no links.

Subject Issuer	Validity	Valid
insurance.welnext.com Go Daddy Secure Certificate Authority - G2	`2021-11-08` - `2022-11-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://insurance.welnext.com/
Frame ID: E9E05D14D4C9742734E9FC799A521CFF
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg&co=aHR0cHM6Ly9pbnN1cmFuY2Uud2VsbmV4dC5jb206NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=d7jv7d76j9i3
Frame ID: C4F9BBCBC3AC50A80ACFFDB18DE328BB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GoWELNEXT

Page URL History Show full URLs

http://insurance.welnext.com/ HTTP 301
https://insurance.welnext.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

968 kB
Transfer

1443 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://insurance.welnext.com/ HTTP 301
https://insurance.welnext.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
insurance.welnext.com/
Redirect Chain

http://insurance.welnext.com/
https://insurance.welnext.com/

10 KB
12 KB

570ms
203ms

Document
text/html

13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

90823c70b96feddc867f27fbb76c048797da97b9918b5ce0b6446aab3978b8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 12 Jan 2022 11:20:52 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate must-revalidate, private
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff nosniff
Strict-Transport-Security: max-age=31536000 max-age=31536000; includeSubDomains; p$
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Access-Control-Allow-Origin: https://insurance.welnext.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Access-Control-Allow-Methods: POST, GET
Access-Control-Max-Age: 1000
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 12 Jan 2022 11:20:52 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Location: https://insurance.welnext.com/
Content-Length: 238
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bootstrap.min.css
insurance.welnext.com/assets/public/bower_components/bootstrap/dist/css/ 118 KB
119 KB 182ms
182ms Stylesheet
text/css 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/public/bower_components/bootstrap/dist/css/bootstrap.min.css

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 121200
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:50:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1d970-5c7caaf313314"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK AdminLTE.min.css
insurance.welnext.com/assets/public/dist/css/ 90 KB
90 KB 550ms
183ms Stylesheet
text/css 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/public/dist/css/AdminLTE.min.css

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

2bd07ac2f177d1f321e833336c9e551ba3b8d147aec41bd4d338db6da94a34fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 1000
Connection: Upgrade, Keep-Alive
Content-Length: 91916
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:47:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1670c-5c7caa3723ad5"
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
Access-Control-Allow-Methods: POST, GET
Upgrade: h2,h2c
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery-2.1.4.min.js Show response
insurance.welnext.com/assets/js/ 82 KB
83 KB 555ms
188ms Script
application/javascript 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/js/jquery-2.1.4.min.js

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 1000
Connection: Upgrade, Keep-Alive
Content-Length: 84345
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:42:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "14979-5c7ca93f1a5b9"
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
Access-Control-Allow-Methods: POST, GET
Upgrade: h2,h2c
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.form.js Show response
insurance.welnext.com/assets/js/ 41 KB
42 KB 552ms
184ms Script
application/javascript 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/js/jquery.form.js

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e7ef8ed3cdcccdac5a1de16d1c85882f69d4189ead7edf7ea52faba1c6862460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 1000
Connection: Upgrade, Keep-Alive
Content-Length: 41892
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:42:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a3a4-5c7ca93fddabc"
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
Access-Control-Allow-Methods: POST, GET
Upgrade: h2,h2c
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.validate.js Show response
insurance.welnext.com/assets/js/ 37 KB
38 KB 562ms
187ms Script
application/javascript 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/js/jquery.validate.js

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

514718de818a1a495f1dc5b3698e499aebfd1f1959acc95c60b4a8223b25aa4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 1000
Connection: Upgrade, Keep-Alive
Content-Length: 38144
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:42:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "9500-5c7ca94084a9f"
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
Access-Control-Allow-Methods: POST, GET
Upgrade: h2,h2c
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 94ms
49ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a10d9072c0ccbe08db5c0bb630feb612ebf22edb04c3745836d119737d2f8d20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 11:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Wed, 12 Jan 2022 11:20:53 GMT

GET
H/1.1 200
OK aes.js Show response
insurance.welnext.com/assets/js/ 13 KB
14 KB 562ms
188ms Script
application/javascript 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/js/aes.js

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 1000
Connection: Upgrade, Keep-Alive
Content-Length: 13360
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:42:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3430-5c7ca93db5e94"
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
Access-Control-Allow-Methods: POST, GET
Upgrade: h2,h2c
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK md5.js Show response
insurance.welnext.com/assets/js/ 9 KB
10 KB 726ms
181ms Script
application/javascript 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/js/md5.js

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 9606
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:42:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2586-5c7ca940a7d1f"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK image-logo-welnext.png
insurance.welnext.com/assets/public/dist/img/ 12 KB
13 KB 184ms
184ms Image
image/png 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insurance.welnext.com/assets/public/dist/img/image-logo-welnext.png

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

70c97a294ad541f17820537a35fd413073f5b0c6bcabde1c9f410564f97c448c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 12442
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:47:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "309a-5c7caa37ebdf9"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK welnextapp.png
insurance.welnext.com/assets/images/ 6 KB
6 KB 183ms
183ms Image
image/png 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insurance.welnext.com/assets/images/welnextapp.png

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

999c1fe98b861b9908896a8735035d718bbe2098bd7df5ace9e390a8b2e09b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 5813
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:41:25 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "16b5-5c7ca8f4cbd32"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ 352 KB
140 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://insurance.welnext.com/
Origin: https://insurance.welnext.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 11:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142561
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 11:17:07 GMT

GET
H/1.1 200
OK home-banner-doctor.jpg
insurance.welnext.com/assets/public/dist/img/ 147 KB
148 KB 183ms
183ms Image
image/jpeg 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insurance.welnext.com/assets/public/dist/img/home-banner-doctor.jpg

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

92b418448432170462ae7202637a5cb8a4ff129178c72df41d0da15445d1d7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 150922
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:47:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "24d8a-5c7caa37e21b8"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
insurance.welnext.com/assets/public/bower_components/bootstrap/dist/fonts/ 18 KB
18 KB 188ms
187ms Font
text/plain 13.126.209.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.welnext.com/assets/public/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: insurance.welnext.com
URL: https://insurance.welnext.com/assets/public/bower_components/bootstrap/dist/css/bootstrap.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.209.204 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-126-209-204.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://insurance.welnext.com/assets/public/bower_components/bootstrap/dist/css/bootstrap.min.css
Origin: https://insurance.welnext.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 11:20:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; p$
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 18028
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: x-csrf-token, authorization, conten$
Last-Modified: Fri, 23 Jul 2021 13:50:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "466c-5c7caaf3db637"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: https://insurance.welnext.com
Cache-Control: must-revalidate, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C4F9 41 KB
21 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg&co=aHR0cHM6Ly9pbnN1cmFuY2Uud2VsbmV4dC5jb206NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=d7jv7d76j9i3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6eff04b6064f8062a9065e68d266bb0da75ffbf8e3ff717baadd040147a10245

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Arf5ynE0N39I1faXCHt6nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://insurance.welnext.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Jan 2022 11:20:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-Arf5ynE0N39I1faXCHt6nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21315
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame C4F9 51 KB
24 KB 46ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg&co=aHR0cHM6Ly9pbnN1cmFuY2Uud2VsbmV4dC5jb206NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=d7jv7d76j9i3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 09:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24158
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 09:32:41 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame C4F9 352 KB
139 KB 53ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 11:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142561
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 11:17:07 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C4F9 2 KB
2 KB 18ms
17ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 29724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 19 Jan 2022 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C4F9 15 KB
16 KB 69ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 86569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C4F9 15 KB
15 KB 74ms
31ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:37:08 GMT
x-content-type-options: nosniff
age: 449026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 06:37:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C4F9 102 B
134 B 29ms
28ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbecd7098b07528fa43facb46bb3c5bda20951f7129c506f3d910fbe9ab9fd9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg&co=aHR0cHM6Ly9pbnN1cmFuY2Uud2VsbmV4dC5jb206NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=d7jv7d76j9i3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 11:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Jan 2022 11:20:54 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame C4F9 29 KB
16 KB 72ms
72ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bccd523d24f6b8bae159810225ae1c7eefc0057594b45899246bd6e97f91d1fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_vqgUAAAAAGukH7t60g7RT0mHhPn85011Mgpg&co=aHR0cHM6Ly9pbnN1cmFuY2Uud2VsbmV4dC5jb206NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=d7jv7d76j9i3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 12 Jan 2022 11:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16470
x-xss-protection: 1; mode=block
expires: Wed, 12 Jan 2022 11:20:54 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:25:38	Name: _GRECAPTCHA Value: 09ABBMTcMydF8KYPTnGE8CvQ2wUO41cCihDTPGJPzvirCPg5-kSyvdRB_Sw2YwpvTIX3AmQYpDwVUvnbeeOI9YGPM
.insurance.welnext.com/	1970-01-20 00:06:28	Name: ci_gowelnext_csrf_cookie_name Value: 62bf226c9b7fd078380ea4b14461f935
.insurance.welnext.com/	1970-01-20 00:06:33	Name: PHPSESSID Value: 6upjm9723v2g3ji6ai7vd1k6955mgvoi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains; p$
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
insurance.welnext.com
www.google.com
www.gstatic.com
13.126.209.204
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2bd07ac2f177d1f321e833336c9e551ba3b8d147aec41bd4d338db6da94a34fc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54
514718de818a1a495f1dc5b3698e499aebfd1f1959acc95c60b4a8223b25aa4c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6eff04b6064f8062a9065e68d266bb0da75ffbf8e3ff717baadd040147a10245
70c97a294ad541f17820537a35fd413073f5b0c6bcabde1c9f410564f97c448c
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
90823c70b96feddc867f27fbb76c048797da97b9918b5ce0b6446aab3978b8c5
92b418448432170462ae7202637a5cb8a4ff129178c72df41d0da15445d1d7f2
999c1fe98b861b9908896a8735035d718bbe2098bd7df5ace9e390a8b2e09b0a
a10d9072c0ccbe08db5c0bb630feb612ebf22edb04c3745836d119737d2f8d20
bccd523d24f6b8bae159810225ae1c7eefc0057594b45899246bd6e97f91d1fe
cbecd7098b07528fa43facb46bb3c5bda20951f7129c506f3d910fbe9ab9fd9c
d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524
e7ef8ed3cdcccdac5a1de16d1c85882f69d4189ead7edf7ea52faba1c6862460
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

insurance.welnext.com Open in urlscan Pro 13.126.209.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

968 kBTransfer

1443 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

insurance.welnext.com Open in urlscan Pro
13.126.209.204 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

968 kB
Transfer

1443 kB
Size

3
Cookies

22 HTTP transactions
0 data transactions