myinsurance.ndgroup.com Open in urlscan Pro
40.143.213.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://myinsurance.ndgroup.com/
Effective URL:
https://myinsurance.ndgroup.com/
Submission: On October 31 via api (October 31st 2024, 9:53:56 am UTC) from US — Scanned from CA

Summary HTTP 31 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 31 HTTP transactions. The main IP is 40.143.213.70, located in Falmouth, United States and belongs to AS17378, US. The main domain is myinsurance.ndgroup.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 30th 2024. Valid for: a year.

This is the only time myinsurance.ndgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	40.143.213.70 40.143.213.70	17378 (AS17378) (AS17378)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::6a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::71	15169 (GOOGLE) (GOOGLE)
31	6

26 40.143.213.70 (Falmouth, United States)

ASN17378 (AS17378, US)

myinsurance.ndgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::6a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	ndgroup.com myinsurance.ndgroup.com	1 MB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	gstatic.com www.gstatic.com	216 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	969 B
31	5

	Domain	Requested by
26	myinsurance.ndgroup.com	myinsurance.ndgroup.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	myinsurance.ndgroup.com
1	www.google.com	myinsurance.ndgroup.com
31	5

This site contains links to these domains. Also see Links.

Domain
www.ndgroup.com
itunes.apple.com
www3.ambest.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.ndgroup.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-30`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://myinsurance.ndgroup.com/
Frame ID: 4D5408A836FC7C22F8D7945AA1729FFF
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | My Insurance

Page URL History Show full URLs

http://myinsurance.ndgroup.com/ HTTP 307
https://myinsurance.ndgroup.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

31
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

1507 kB
Transfer

2633 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ndgroup.com/

Search URL Search Domain Scan URL

URL: https://www.ndgroup.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/my-insurance-mobile-account/id1094321501?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://www.ndgroup.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www3.ambest.com/ratings/entities/CompanyProfile.aspx?BL=0&ambnum=2367&AltNum=20352367&AltSrc=3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheNDGroup

Search URL Search Domain Scan URL

URL: https://twitter.com/NorfolkDedham

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/n&d

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://myinsurance.ndgroup.com/ HTTP 307
https://myinsurance.ndgroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
myinsurance.ndgroup.com/
Redirect Chain

http://myinsurance.ndgroup.com/
https://myinsurance.ndgroup.com/

35 KB
37 KB

685ms
162ms

Document
text/html

40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

bf407d1fbd61a17e4ff812b7cc26cdc33e60d169822bfdb53c8d101ecf6ed627

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-language: en-CA
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-type: text/html;charset=UTF-8
date: Thu, 31 Oct 2024 09:53:49 GMT
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

Location: https://myinsurance.ndgroup.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
myinsurance.ndgroup.com/css/ 104 KB
21 KB 94ms
86ms Stylesheet
text/css 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/css/bootstrap.min.css

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

66b9783eb8951a12f84816ebc070c3d4e5f67647ca7db8e14f61ce4c5a853254

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "085d4c02-c590-4f4d-8c95-f0778968ea6b"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 20184
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: text/css
content-language: en-US
x-frame-options: deny

GET
H2 200 bootstrap-customizations.css
myinsurance.ndgroup.com/css/ 41 KB
11 KB 121ms
112ms Stylesheet
text/css 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/css/bootstrap-customizations.css

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

ff112ad8ca68c17a80826235e1b5984d29d42a18f2787d7e4bc0ee642b8c146f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "93e1882d-9e33-4450-b35b-3cd1cf571ff9"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 10055
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 09 Mar 2024 04:01:24 GMT
content-type: text/css
content-language: en-US
x-frame-options: deny

GET
H2 200 bootstrap-responsive.css
myinsurance.ndgroup.com/css/ 29 KB
8 KB 122ms
114ms Stylesheet
text/css 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/css/bootstrap-responsive.css

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

e84d1e7d388a4d46ff26bfa63cc98679facdb050c9c8dc9c6ff99ec1c08bdaeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "d0e01bf1-65b5-4c03-bea0-37e85286a8f2"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 6479
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: text/css
content-language: en-US
x-frame-options: deny

GET
H2 200 jquery-ui-1.10.4.custom.css
myinsurance.ndgroup.com/css/ 23 KB
6 KB 211ms
204ms Stylesheet
text/css 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/css/jquery-ui-1.10.4.custom.css?1

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

cd757687f2128be70c5ffc0aa54b486fd4e43c134cefc30025fb2b31328d1d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
accept-ranges: bytes
content-length: 4751
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: text/css
content-language: en-CA
x-frame-options: deny

GET
H2 200 font-awesome.min.css
myinsurance.ndgroup.com/plugins/font-awesome/assets/css/ 22 KB
6 KB 1035ms
1028ms Stylesheet
text/css 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/plugins/font-awesome/assets/css/font-awesome.min.css?ver=3.2.1

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

43a400cc4c30fc5e45147e54c0de460616b91a9b51714f249ca9af92e8585af9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
accept-ranges: bytes
content-length: 4846
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: text/css
content-language: en-CA
x-frame-options: deny

GET
H2 200 jquery-3.5.1.min.js Show response
myinsurance.ndgroup.com/js/ 87 KB
35 KB 139ms
132ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/jquery-3.5.1.min.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "4116dbdb-69c8-43c2-b77a-55ec0356e091"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 33854
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 jquery-migrate-3.3.1.min.js Show response
myinsurance.ndgroup.com/js/ 11 KB
6 KB 166ms
159ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/jquery-migrate-3.3.1.min.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

90a8d6a27a26f746b4b263102f4fe120e956d99e3789325aafc7d6b7ca0ff0e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "44f9a0df-de9f-4531-9f1e-260edf14d6c2"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 4245
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 jquery-migrate-3.0.1.min.js Show response
myinsurance.ndgroup.com/js/ 11 KB
5 KB 167ms
161ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/jquery-migrate-3.0.1.min.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

1589fc7479100b06d2da4d7457313104228fb0403aa9129e269306667df52039

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "03b24d8f-5fa6-42cf-8d05-c917c5bd9e7d"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 3792
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 jquery-migrate-1.4.1.min.js Show response
myinsurance.ndgroup.com/js/ 10 KB
6 KB 166ms
160ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/jquery-migrate-1.4.1.min.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "c168f740-eb0b-4561-8ba3-3c7d11fe2080"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 4200
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 accountManagement.js Show response
myinsurance.ndgroup.com/js/ 23 KB
6 KB 168ms
161ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/accountManagement.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

13212758ff44aa811f98cc59c4ee850361876acdfd8b96fc460b545966333d0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "14679e2b-4473-4e60-883c-bc7bd3096be0"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 4842
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 04 May 2024 04:15:08 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 ndaccess.js Show response
myinsurance.ndgroup.com/js/ 14 KB
5 KB 1033ms
1027ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/ndaccess.js?4

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

f32e9f15be3bb9478b0b40426a7dd961a474c0ed2dbbd4d66eaa617a2ac3591a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
accept-ranges: bytes
content-length: 3307
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 04 May 2024 04:15:08 GMT
content-type: application/javascript
content-language: en-CA
x-frame-options: deny

GET
H2 200 bootstrap.js Show response
myinsurance.ndgroup.com/js/ 63 KB
15 KB 169ms
163ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/bootstrap.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

b0171731792c62a9a447d08fbbe9aa8908d4fb5db8114591bc9a6e2b6531e636

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "8b9e3c90-d8be-4025-90f2-b078fb3631ce"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 13301
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 bootstrap-button.js Show response
myinsurance.ndgroup.com/js/ 3 KB
3 KB 191ms
186ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/bootstrap-button.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

d28ca02b72ab113994b03d869dffdc5a114ac723a72354e7011f94514f5c2ad1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "a05655d9-8831-40b1-b286-244cf5296c83"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 1268
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 bootstrap-popover.js Show response
myinsurance.ndgroup.com/js/ 3 KB
3 KB 191ms
186ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/bootstrap-popover.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

63b63f9d727aa0c0e0880428e61794ebc5b05b6d4d4f28d6b214e2d9574036be

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "f9028f35-0c4c-45c2-ba1b-4c11c70d7d46"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 1314
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 bootstrap-dropdown.js Show response
myinsurance.ndgroup.com/js/ 4 KB
3 KB 192ms
187ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/bootstrap-dropdown.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

e283c0048213846bc03161bbf7889f15cfbdb6eec36208844b67fa1693f601e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "b4104f41-7ba2-4673-b8c7-e46b2f9b2ea6"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 1717
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H2 200 jquery-ui.min.js Show response
myinsurance.ndgroup.com/js/jquery-ui-1.13.2/ 249 KB
77 KB 192ms
187ms Script
application/javascript 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/js/jquery-ui-1.13.2/jquery-ui.min.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "63f18e7f-82bb-420b-b671-48f4e47dea28"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 77245
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 31 Dec 2022 01:23:56 GMT
content-type: application/javascript
content-language: en-US
x-frame-options: deny

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 290ms
94ms Script
text/javascript 2607:f8b0:400d:c0d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::6a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 09:53:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 31 Oct 2024 09:53:49 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
108 KB 452ms
115ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CV1Z3KLK3Q

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ab8180292270bd4d3af478ce0ec1976b66b2a87f914a6b3f9e9afeb421004c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 31 Oct 2024 09:53:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 09:53:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110360
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 website-logo.jpg
myinsurance.ndgroup.com/img/ 10 KB
12 KB 192ms
188ms Image
image/jpeg 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.ndgroup.com/img/website-logo.jpg

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

b24d3f9377141684f379181014e302d10f0c253b68f85b793c74c184fa967463

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
etag: "1e294a21-f3e7-4328-b32f-40afa7c7d37b"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 10333
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/jpeg
content-language: en-US
x-frame-options: deny

GET
H2 200 myi_landing.png
myinsurance.ndgroup.com/images/ 726 KB
728 KB 173ms
173ms Image
image/png 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.ndgroup.com/images/myi_landing.png

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

3fa62869f41dd666731bd41a656b0c6e7b9f44e95b68a02fd1f1f0bb8ac04037

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
etag: "3893903a-3918-4a80-9aa7-0194dc524442"
age: 2871
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 743555
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/png
content-language: en-US
x-frame-options: deny

GET
H2 200 MyInsuranceEmail.png
myinsurance.ndgroup.com/img/ 3 KB
4 KB 1456ms
1455ms Image
image/png 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.ndgroup.com/img/MyInsuranceEmail.png

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

079a91e27e770e8fa99f862b81005ef08cc0d583bcda2a911a54f1f50f2a77ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
etag: "d624f695-6250-48cd-9bb3-f9543b48db2e"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 2887
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/png
content-language: en-US
x-frame-options: deny

GET
H2 200 icon-best.png
myinsurance.ndgroup.com/img/ 7 KB
8 KB 555ms
544ms Image
image/png 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.ndgroup.com/img/icon-best.png

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

d74101cccabce4b1cef420a14416c4f6fd1237121902f1742575ed1833e40c5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
etag: "b8ea6a0b-3ca7-411c-8e5a-3f4628ffb838"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 6997
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:50 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/png
content-language: en-US
x-frame-options: deny

GET
H2 200 apple_app_store_icon.png
myinsurance.ndgroup.com/img/ 4 KB
6 KB 556ms
545ms Image
image/png 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.ndgroup.com/img/apple_app_store_icon.png

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

18cf806556d6292f25d4d42c3b789e5fb587179c0f974770bcabd6e9075b78c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
etag: "8a3302d8-41d8-4671-95f4-d96d844b1a2e"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 4081
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:50 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/png
content-language: en-US
x-frame-options: deny

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 474ms
185ms Script
text/javascript 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myinsurance.ndgroup.com
Referer: https://myinsurance.ndgroup.com/

Response headers

content-encoding: gzip
age: 582081
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 16:12:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 16:12:30 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

GET
H2 200 website-logo.jpg
myinsurance.ndgroup.com/img/ 10 KB
0 2ms
2ms Image
image/jpeg 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.ndgroup.com/img/website-logo.jpg

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

b24d3f9377141684f379181014e302d10f0c253b68f85b793c74c184fa967463

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
etag: "1e294a21-f3e7-4328-b32f-40afa7c7d37b"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 10333
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:49 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/jpeg
content-language: en-US
x-frame-options: deny

GET
H2 200 OpenSans-Regular.ttf
myinsurance.ndgroup.com/css_styles/bootstrap/fonts/ 212 KB
120 KB 532ms
530ms Font
application/x-font-ttf 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/css_styles/bootstrap/fonts/OpenSans-Regular.ttf

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/css/bootstrap-customizations.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myinsurance.ndgroup.com
Referer: https://myinsurance.ndgroup.com/css/bootstrap-customizations.css

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "e754f13c-3436-438c-9c79-9c8b5e46b3f1"
age: 2872
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 120702
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:50 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/x-font-ttf
content-language: en-US
x-frame-options: deny

GET
H2 200 fontawesome-webfont.woff
myinsurance.ndgroup.com/plugins/font-awesome/assets/font/ 43 KB
44 KB 670ms
669ms Font
application/font-woff 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/plugins/font-awesome/assets/font/fontawesome-webfont.woff?v=3.2.1

Requested by

Host: myinsurance.ndgroup.com
URL: https://myinsurance.ndgroup.com/plugins/font-awesome/assets/css/font-awesome.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myinsurance.ndgroup.com
Referer: https://myinsurance.ndgroup.com/plugins/font-awesome/assets/css/font-awesome.min.css?ver=3.2.1

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
accept-ranges: bytes
content-length: 43572
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:50 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: application/font-woff
content-language: en-CA
x-frame-options: deny

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 575ms
154ms Fetch
text/plain 2607:f8b0:400d:c0d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CV1Z3KLK3Q&gtm=45je4as0v9184195800za200&_p=1730368430877&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629~102015665&cid=1934623940.1730368431&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730368431&sct=1&seg=0&dl=https%3A%2F%2Fmyinsurance.ndgroup.com%2F&dt=Login%20%7C%20My%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2461
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CV1Z3KLK3Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://myinsurance.ndgroup.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 09:53:51 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon.ico
myinsurance.ndgroup.com/ 15 KB
5 KB 108ms
107ms Other
image/x-icon 40.143.213.70
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.ndgroup.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.143.213.70 Falmouth, United States, ASN17378 (AS17378, US),

Reverse DNS

Software

Resource Hash

ddaf752cb09dda32f1984c4374d978b53b5a6bb4d59e1fecae4b7d9435057f5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myinsurance.ndgroup.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; img-src 'self' data: *.google.com www.googletagmanager.com *.googleapis.com *.ggpht.com *.gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://*.ndgroup.com *.ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js *.google.com googletagmanager.com *.google-analytics.com *.googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com *.gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net *.google-analytics.com; frame-src blob: http://www.ndgroup.com *.ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' *.ndgroup.com ndgroup.com; media-src 'self' gstatic.com *.gstatic.com *.ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
content-encoding: gzip
etag: "9f8b91f5-d9ed-4f93-991c-b7b8159f1fee"
age: 2873
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self), geolocation=(self), camera=(), microphone=()
content-length: 3491
x-xss-protection: 1; mode=block
date: Thu, 31 Oct 2024 09:53:51 GMT
last-modified: Sat, 12 Nov 2022 05:45:30 GMT
content-type: image/x-icon
content-language: en-US
x-frame-options: deny

POST collect
www.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CV1Z3KLK3Q&gtm=45je4as0v9184195800za200&_p=1730368430877&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629~102015665&cid=1934623940.1730368431&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730368431&sct=1&seg=0&dl=https%3A%2F%2Fmyinsurance.ndgroup.com%2F&dt=Login%20%7C%20My%20Insurance&en=scroll&epn.percent_scrolled=90&_et=7&tfd=7473

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myinsurance.ndgroup.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: G_72eObH_ZofxyEi-TBvBB5pftXLO9dHwbiCiYMX.test
.ndgroup.com/	1970-01-21 10:15:28	Name: _ga Value: GA1.1.1934623940.1730368431
.ndgroup.com/	1970-01-21 10:15:28	Name: _ga_CV1Z3KLK3Q Value: GS1.1.1730368431.1.0.1730368431.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://myinsurance.ndgroup.com/ Message: [DOM] Found 2 elements with non-unique id #emailAddress: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://myinsurance.ndgroup.com/ Message: [DOM] Found 2 elements with non-unique id #login: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: .google.com www.googletagmanager.com .googleapis.com .ggpht.com .gstatic.com https://stats.g.doubleclick.net http://maps.google.com/ https://.ndgroup.com .ndgroup.com; script-src 'self' https://www.googletagmanager.com https://www.gstatic.com/charts/loader.js .google.com googletagmanager.com .google-analytics.com .googleapis.com https://cdnjs.cloudflare.com https://code.jquery.com/j https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' .googleapis.com https://cdn.materialdesignicons.com; font-src 'self' https://cdn.joinhoney.com .gstatic.com https://cdn.materialdesignicons.com; connect-src 'self' https://pod2.spectrumtestsandbox.com www.googletagmanager.com stats.g.doubleclick.net .google-analytics.com; frame-src blob: http://www.ndgroup.com .ndgroup.com https://ipn.paymentus.com https://secure1.paymentus.com https://www.google.com/recaptcha/ https://www.invoicecloud.com; object-src 'self' .ndgroup.com ndgroup.com; media-src 'self' gstatic.com .gstatic.com .ndgroup.com ndgroup.com; report-uri /ContentSecurityPolicyLoggingReporter
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

myinsurance.ndgroup.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.google-analytics.com
2607:f8b0:400d:c01::61
2607:f8b0:400d:c04::5e
2607:f8b0:400d:c0d::6a
2607:f8b0:400d:c0d::71
40.143.213.70
079a91e27e770e8fa99f862b81005ef08cc0d583bcda2a911a54f1f50f2a77ab
13212758ff44aa811f98cc59c4ee850361876acdfd8b96fc460b545966333d0f
1589fc7479100b06d2da4d7457313104228fb0403aa9129e269306667df52039
18cf806556d6292f25d4d42c3b789e5fb587179c0f974770bcabd6e9075b78c6
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
2ab8180292270bd4d3af478ce0ec1976b66b2a87f914a6b3f9e9afeb421004c8
3fa62869f41dd666731bd41a656b0c6e7b9f44e95b68a02fd1f1f0bb8ac04037
43a400cc4c30fc5e45147e54c0de460616b91a9b51714f249ca9af92e8585af9
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
63b63f9d727aa0c0e0880428e61794ebc5b05b6d4d4f28d6b214e2d9574036be
667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4
66b9783eb8951a12f84816ebc070c3d4e5f67647ca7db8e14f61ce4c5a853254
90a8d6a27a26f746b4b263102f4fe120e956d99e3789325aafc7d6b7ca0ff0e4
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
b0171731792c62a9a447d08fbbe9aa8908d4fb5db8114591bc9a6e2b6531e636
b24d3f9377141684f379181014e302d10f0c253b68f85b793c74c184fa967463
bf407d1fbd61a17e4ff812b7cc26cdc33e60d169822bfdb53c8d101ecf6ed627
cd757687f2128be70c5ffc0aa54b486fd4e43c134cefc30025fb2b31328d1d2a
d28ca02b72ab113994b03d869dffdc5a114ac723a72354e7011f94514f5c2ad1
d74101cccabce4b1cef420a14416c4f6fd1237121902f1742575ed1833e40c5f
ddaf752cb09dda32f1984c4374d978b53b5a6bb4d59e1fecae4b7d9435057f5d
e283c0048213846bc03161bbf7889f15cfbdb6eec36208844b67fa1693f601e4
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
e84d1e7d388a4d46ff26bfa63cc98679facdb050c9c8dc9c6ff99ec1c08bdaeb
ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d
f32e9f15be3bb9478b0b40426a7dd961a474c0ed2dbbd4d66eaa617a2ac3591a
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
ff112ad8ca68c17a80826235e1b5984d29d42a18f2787d7e4bc0ee642b8c146f

myinsurance.ndgroup.com Open in urlscan Pro 40.143.213.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

6 IPs

1 Countries

1507 kBTransfer

2633 kBSize

3 Cookies

8 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

myinsurance.ndgroup.com Open in urlscan Pro
40.143.213.70 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

1507 kB
Transfer

2633 kB
Size

3
Cookies

31 HTTP transactions
0 data transactions