kit.coterieinsurance.com Open in urlscan Pro
40.87.70.95  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kit.coterieinsurance.com/	5 KB 2 KB	590ms 122ms	Document text/html	40.87.70.95 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://kit.coterieinsurance.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.87.70.95 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash e44e9454ec373f94cb5aea874788e99a61f4d270b38dc79b18e4b960d692a646 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 1697 content-type text/html date Fri, 10 Feb 2023 19:45:06 GMT etag "04235c8ec34d91:0" last-modified Mon, 30 Jan 2023 20:52:36 GMT vary Accept-Encoding x-powered-by ASP.NET
GET H2	200	formotiv-min.js Show response cdn.formotiv.com/	55 KB 15 KB	122ms 23ms	Script application/javascript	2600:9000:21f3:6a00:15:b7f2:e200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.formotiv.com/formotiv-min.js Requested by Host: kit.coterieinsurance.com URL: https://kit.coterieinsurance.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6a00:15:b7f2:e200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 839947add0d582e5c21890646c66d059ab51c336fa8725ada20efb4191a362f2 Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 06:30:43 GMT x-amz-version-id m4RzKemFoGctBiA2gy6NDJZoCNLJj0Oj content-encoding br last-modified Thu, 02 Feb 2023 18:43:38 GMT server AmazonS3 via 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 etag W/"fe11fcf49aeb263e621960cf1fa684b8" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript age 47664 x-amz-cf-id nFy7D2WjMF_J3tgT5WbZjs7QbWAtwhgXNE3N6j2BI7g-vMhMuEOMug==
GET H2	200	main.476ccef9.js kit.coterieinsurance.com/static/js/	3 MB 0	579ms 579ms	Script application/x-javascript	40.87.70.95 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://kit.coterieinsurance.com/static/js/main.476ccef9.js Requested by Host: kit.coterieinsurance.com URL: https://kit.coterieinsurance.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.87.70.95 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 19:45:06 GMT content-encoding gzip last-modified Mon, 30 Jan 2023 20:52:38 GMT etag "06f66c9ec34d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript accept-ranges bytes
GET H2	200	main.da4b824e.css kit.coterieinsurance.com/static/css/	173 KB 27 KB	579ms 578ms	Stylesheet text/css	40.87.70.95 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://kit.coterieinsurance.com/static/css/main.da4b824e.css Requested by Host: kit.coterieinsurance.com URL: https://kit.coterieinsurance.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.87.70.95 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 4e3ffa020903c1cfb1c05cf3c226a489d7a657da91740f55083c13c4b710da84 Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 19:45:06 GMT content-encoding gzip last-modified Mon, 30 Jan 2023 20:52:36 GMT etag "04235c8ec34d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 27595
GET H/1.1	200 OK	esw.min.js Show response service.force.com/embeddedservice/5.0/	30 KB 9 KB	2124ms 22ms	Script application/x-javascript	161.71.2.38 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/esw.min.js Requested by Host: kit.coterieinsurance.com URL: https://kit.coterieinsurance.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 161.71.2.38 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl5-ncg0-lhr3.um4-lo2.force.com Software / Resource Hash 598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Fri, 10 Feb 2023 19:25:42 GMT Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Referrer-Policy origin-when-cross-origin Last-Modified Thu, 06 Oct 2022 23:36:44 GMT Content-Encoding gzip Age 1166 Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public,max-age=86400 Accept-Ranges bytes X-Robots-Tag none Content-Length 8312 X-XSS-Protection 1; mode=block Expires Sat, 11 Feb 2023 19:25:42 GMT
GET H2	200	hotjar-2514299.js Show response static.hotjar.com/c/	8 KB 4 KB	676ms 372ms	Script application/javascript	13.225.78.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2514299.js?sv=6 Requested by Host: kit.coterieinsurance.com URL: https://kit.coterieinsurance.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-69.fra2.r.cloudfront.net Software / Resource Hash 557231fbd1e1027f39047c6de286ef9ee3f2ba428ab955fdda4597f5da8bdf4d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Fri, 10 Feb 2023 19:45:07 GMT via 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 etag W/a0bf0f556cb267d842e1005ecd376ae1 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id YI8LsVmHLcsJkUOcz_j-f4c2gqAqS4Xv8Iox72kTav4t4uW8gRLuzA==
GET H2	200	pendo.js Show response cdn.pendo.io/agent/static/3948046f-d9c0-4733-52b0-8b736d54192c/	404 KB 134 KB	119ms 34ms	Script application/javascript	2600:9000:2057:2400:1f:aa31:7740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/3948046f-d9c0-4733-52b0-8b736d54192c/pendo.js Requested by Host: kit.coterieinsurance.com URL: https://kit.coterieinsurance.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:2400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash cc990dfb7db4ba276be865fa0396390e2ba227890780f81ce9f1daeaa11ba0f3 Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 19:39:18 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 348 x-guploader-uploadid ADPycduGqlfJ1cFJeKKwfj9lvWqXPf39N91_i5zw_czAQpgsDMUMJmYcawlE8PeSUhziCyheH1T79-XduMH07NT3b2gvlg x-cache Hit from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 136479 last-modified Thu, 09 Feb 2023 19:10:26 GMT server UploadServer etag "3c19d7287524cebf43096898a8a063d7" vary Accept-Encoding x-goog-generation 1675969826549410 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=q6hKww==, md5=PBnXKHUkzr9DCWiYqKBj1w== access-control-expose-headers * cache-control max-age=450 x-goog-stored-content-length 136479 accept-ranges bytes x-amz-cf-id zDZgqUZZ-uFYEw-kiqqA8Xo2WJeVJo0BvxGI6jtYUZkt-D3HtUssPA== expires Fri, 10 Feb 2023 19:46:48 GMT
GET H2	200	modules.08d4f065a7a29306a4f1.js Show response script.hotjar.com/	261 KB 67 KB	89ms 12ms	Script application/javascript	13.224.189.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.08d4f065a7a29306a4f1.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2514299.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-26.fra2.r.cloudfront.net Software / Resource Hash 4cd4aaecdabe71bda5b5c1f56b18aa7934f2923963b860cc1875f7e85e7c9f97 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://kit.coterieinsurance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 14:54:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 17461 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 68067 last-modified Fri, 10 Feb 2023 14:53:53 GMT etag "92a0e284b398aa5019198b4c945d2414" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id _vSL2LoWHjzg0Ymap8papDMd-ly50KoCM6oHawcrvFVnW_2-PCCk4g==
GET H2	200	box-e031119f9e9e307a08fa610f85dbfb52.html Show response vars.hotjar.com/ Frame EF74	2 KB 1 KB	530ms 11ms	Document text/html	13.224.189.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2514299.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-67.fra2.r.cloudfront.net Software / Resource Hash f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://kit.coterieinsurance.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 628524 cache-control max-age=31536000 content-encoding br content-length 1034 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 03 Feb 2023 13:10:06 GMT etag "112fdf47cdb80b9ce3d033ed09717460" last-modified Fri, 03 Feb 2023 13:09:45 GMT strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding via 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront) x-amz-cf-id vkJEVMoAXm5cK33MgqYys-TqywJoqsYUoYRrMDp8ZPRlRqee6lvsHg== x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront x-robots-tag none
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/2514299/	147 B 323 B	1067ms 350ms	XHR application/json	54.217.89.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/2514299/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.08d4f065a7a29306a4f1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.217.89.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-217-89-14.eu-west-1.compute.amazonaws.com Software / Resource Hash 7622f903aea5ca12c0cedd665448ad8496c4c9b954f42768c55f1a011897797b Request headers Referer https://kit.coterieinsurance.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Fri, 10 Feb 2023 19:45:31 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| formotiv function| hj object| _hjSettings object| pendo object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| embedded_svc function| initESW

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.coterieinsurance.com/	1970-01-20 18:19:54	Name: _hjSessionUser_2514299 Value: eyJpZCI6ImQ4NzM2MjgyLTFiOWUtNTk1OC04YjhjLTUzYzc3NWU2Mjk1MyIsImNyZWF0ZWQiOjE2NzYwNTgzMDc3MTEsImV4aXN0aW5nIjpmYWxzZX0=
			.coterieinsurance.com/	1970-01-20 09:34:20	Name: _hjFirstSeen Value: 1
			kit.coterieinsurance.com/	1970-01-20 09:34:18	Name: _hjIncludedInSessionSample Value: 0
			.coterieinsurance.com/	1970-01-20 09:34:20	Name: _hjSession_2514299 Value: eyJpZCI6ImMxZDdiOTc4LWU0ZWEtNDJlMi1iZjM5LTY4MWE3MzRiZTI1NCIsImNyZWF0ZWQiOjE2NzYwNTgzMzA0NjEsImluU2FtcGxlIjpmYWxzZX0=
			kit.coterieinsurance.com/	1970-01-20 09:34:18	Name: _hjIncludedInPageviewSample Value: 1
			.coterieinsurance.com/	1970-01-20 09:34:20	Name: _hjAbsoluteSessionInProgress Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.coterieinsurance.com/static/js/main.476ccef9.js Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.formotiv.com
cdn.pendo.io
in.hotjar.com
kit.coterieinsurance.com
script.hotjar.com
service.force.com
static.hotjar.com
vars.hotjar.com
13.224.189.26
13.224.189.67
13.225.78.69
161.71.2.38
2600:9000:2057:2400:1f:aa31:7740:93a1
2600:9000:21f3:6a00:15:b7f2:e200:93a1
40.87.70.95
54.217.89.14
4cd4aaecdabe71bda5b5c1f56b18aa7934f2923963b860cc1875f7e85e7c9f97
4e3ffa020903c1cfb1c05cf3c226a489d7a657da91740f55083c13c4b710da84
557231fbd1e1027f39047c6de286ef9ee3f2ba428ab955fdda4597f5da8bdf4d
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
7622f903aea5ca12c0cedd665448ad8496c4c9b954f42768c55f1a011897797b
839947add0d582e5c21890646c66d059ab51c336fa8725ada20efb4191a362f2
cc990dfb7db4ba276be865fa0396390e2ba227890780f81ce9f1daeaa11ba0f3
e44e9454ec373f94cb5aea874788e99a61f4d270b38dc79b18e4b960d692a646
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e