protectiveinsurancebrokers.ae Open in urlscan Pro
18.139.13.90 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Submission: On October 26 via api (October 26th 2024, 5:04:29 am UTC) from US — Scanned from SG

Summary HTTP 35 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 35 HTTP transactions. The main IP is 18.139.13.90, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is protectiveinsurancebrokers.ae.
TLS certificate: Issued by R10 on October 23rd 2024. Valid for: 3 months.

This is the only time protectiveinsurancebrokers.ae was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Filetransfer.io (Online)

Domain & IP information

	IP Address	AS Autonomous System
30	18.139.13.90 18.139.13.90	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	192.229.179.87 192.229.179.87	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.70.40.26 3.70.40.26	16509 (AMAZON-02) (AMAZON-02)
35	5

30 18.139.13.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: cpanel-009-sg.hostingww.com

protectiveinsurancebrokers.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.179.87 (United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.70.40.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-40-26.eu-central-1.compute.amazonaws.com

gate.gopay.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	protectiveinsurancebrokers.ae protectiveinsurancebrokers.ae	236 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	83 KB
1	gopay.cz gate.gopay.cz	4 KB
1	w3schools.com www.w3schools.com — Cisco Umbrella Rank: 20452	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	25 KB
35	5

	Domain	Requested by
30	protectiveinsurancebrokers.ae	protectiveinsurancebrokers.ae
2	cdnjs.cloudflare.com	protectiveinsurancebrokers.ae
1	gate.gopay.cz	protectiveinsurancebrokers.ae
1	www.w3schools.com	protectiveinsurancebrokers.ae
1	cdn.jsdelivr.net	protectiveinsurancebrokers.ae
35	5

This site contains links to these domains. Also see Links.

Domain
filetransfer.io
zip.filetransfer.io
palo-alto.cz

Subject Issuer	Validity	Valid
mail.protectiveinsurancebrokers.ae R10	`2024-10-23` - `2025-01-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.w3schools.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-03` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
gopay.cz Amazon RSA 2048 M02	`2024-03-31` - `2025-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Frame ID: E3FC631EAA406B9D5C9AAB4862EE4A61
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Data package from September 14th. - FileTransfer.io

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nette Framework (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+id="snippet-
<input[^>]+id="frm-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

35
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

354 kB
Transfer

1283 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://filetransfer.io/
Title: FileTransfer.io

Search URL Search Domain Scan URL

URL: https://filetransfer.io/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://filetransfer.io/premium
Title: Premium

Search URL Search Domain Scan URL

URL: https://filetransfer.io/contact/2/CQkJCXdoaWxlIHVzaW5nIEZpbGVUcmFuc2Zlci5pbyBhbiBlcnJvciAiJWVycm9ySWQlIiBvY2N1cnJlZC4gUGxlYXNlIGluZm9ybSBtZSBhYm91dCB0aGUgcHJvY2VzcyBvZiBmaXhpbmcgdGhpcyBlcnJvci4K
Title: here

Search URL Search Domain Scan URL

URL: http://zip.filetransfer.io/gC07uCtkQQCZ
Title: Download data package (5.53 MB)

Search URL Search Domain Scan URL

URL: http://palo-alto.cz/
Title: Palo Alto HiTec Solutions Czech, s.r.o.

Search URL Search Domain Scan URL

URL: https://filetransfer.io/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://filetransfer.io/frequent-questions
Title: FAQ

Search URL Search Domain Scan URL

URL: https://filetransfer.io/tos
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://filetransfer.io/enterprise
Title: Enterprise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
protectiveinsurancebrokers.ae/sample/Document_File/ 20 KB
5 KB 21ms
3ms Document
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 9c7916171c45d0aacf4644be72a678ca05016f0a28f57df7b7215bfca767d26a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 5266
content-type: text/html
date: Sat, 26 Oct 2024 05:04:24 GMT
last-modified: Wed, 23 Oct 2024 04:29:34 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 37ms
4ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
age: 4204289
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230097-FRA, cache-qpg1264-QPG
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25360
x-jsd-version: 5.0.2

GET
H2 200 maincab4.css
protectiveinsurancebrokers.ae/sample/Document_File/css/ 232 KB
26 KB 10ms
6ms Stylesheet
text/css 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 7cc2a299fb636730f4b39b49ba5f323f66bbc8cb0b89b54c82352736f4023f43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 26503
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/css
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 216ms
60ms Stylesheet
text/css 192.229.179.87
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.179.87 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9A9C) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/

Response headers

x-powered-by: ASP.NET
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
cache-control: public,max-age=31536000,public
content-encoding: gzip
etag: "0a29a965824db1:0+gzip"
age: 331950
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
accept-ranges: bytes
x-cache: HIT
content-length: 5256
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 08:01:24 GMT
server: ECS (hhp/9A9C)
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/ 94 KB
30 KB 61ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-176de"
age: 124373
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FazYFVAFmjH7EkS8GtU7mzAeMPI7i3c1MdK%2FX18QMlP0vtBmJ86nWqbsB3wIs3KzAGuXWL8dzn03OkPatYXv1Ml9OlcYoZ7rCtlABdIrEmj0vRKbK3d%2BjwVASHqFeAEZGyfa%2Bz2euD4qFiyBzxNg4Mrc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 05:04:24 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d87e7c76ef29c6b-SIN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29919
server: cloudflare

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/ 235 KB
54 KB 55ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-3ab2b"
age: 1909901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsY7%2FTJryUoBabPOa3mXvkOmiVFDySr%2FbERjPd5mt3UAD3%2FAzoeh%2BbEAGLzu7jBsXnMTlCx1ab720QwG7SzqxyDrYCHrPeCnUpiDTWiQVNymEBMpkbfqujRCAElOm8IgXyeQZ5XBC7CQRh0bqeD0T%2B4l"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 05:04:24 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d87e7c76eef9c6b-SIN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54095
server: cloudflare

GET
H2 200 embed.js Show response
gate.gopay.cz/gp-gw/js/ 7 KB
4 KB 683ms
226ms Script
application/javascript 3.70.40.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gate.gopay.cz/gp-gw/js/embed.js

Requested by

Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.40.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-40-26.eu-central-1.compute.amazonaws.com

Software

nginx / GOPAY

Resource Hash

752f118a6f2e69f881b38ef21cd6d6db01d6f0ad7b114ea8c8f1b067cc15c970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=5184000
content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 25 Dec 2024 05:04:24 GMT
access-control-allow-origin: *
date: Sat, 26 Oct 2024 05:04:24 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
x-powered-by: GOPAY
server: nginx
last-modified: Tue, 17 Sep 2024 13:16:00 GMT
x-node: appc-srvb.prod

GET
H2 200 preloader-primary-large.gif
protectiveinsurancebrokers.ae/sample/Document_File/img/ 19 KB
19 KB 6ms
5ms Image
image/gif 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/preloader-primary-large.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 3a266dee3e3a514b11a092c82a767766dcd79b0bf866d326be7c5ccae0d6d02d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 19285
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/gif
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 cloud.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 467 B
521 B 9ms
7ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/cloud.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: a7fb9a38c9334bca784d9be61d22dedc3ca020f316edd28a782bfeea48b8fb23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 467
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:42:54 GMT
server: LiteSpeed

GET
H2 200 user.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 1006 B
1 KB 9ms
7ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/user.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 56684be431834e03e8f36e347ea12a31c9349ad9c2423d7ccd4509fcac39e2dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 1006
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:44:54 GMT
server: LiteSpeed

GET
H2 200 chat.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 638 B
692 B 5ms
3ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/chat.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 9fa8998ed4faed6ee6ac4e4323e040f468d62c4b28c344247743b849efafccbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 638
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:43:48 GMT
server: LiteSpeed

GET
H2 200 marc.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 421 B
474 B 5ms
4ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/marc.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 9f4a9747be658185dc687a14e8e58719ca4d67499227556e05d36fb7c26aab32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 421
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:44:08 GMT
server: LiteSpeed

GET
H2 200 download.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 435 B
489 B 5ms
4ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/download.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: a7e5c8a5f818d2ae14517c92960b702f127d5ce77a2fd9ae9646ed1ef5847a9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 435
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:44:32 GMT
server: LiteSpeed

GET
H2 200 appcab4.js Show response
protectiveinsurancebrokers.ae/sample/Document_File/js/ 384 KB
93 KB 7ms
6ms Script
text/javascript 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/js/appcab4.js?v=ef9603
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: ed453010a634087addc2f08ee46c8e8be64b12fd7c5b091d871a5229a2660e45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 95309
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/javascript
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 serverconn.js Show response
protectiveinsurancebrokers.ae/sample/Document_File/js/ 7 KB
2 KB 17ms
14ms Script
text/javascript 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/js/serverconn.js
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: f24e6bce3388f57cb46bddc83d3f461aef73b5f7669080dfc320f68212b5800c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 1535
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/javascript
last-modified: Tue, 08 Oct 2024 22:36:28 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 background.jpg
protectiveinsurancebrokers.ae/sample/Document_File/img/ 13 KB
13 KB 6ms
6ms Image
image/jpeg 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/background.jpg
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 86cf5a1004dcca13b15db1dddf9d69e632b7e69463a14358c7b5473afeb5f7e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 13673
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 preloader-primary-large.gif
protectiveinsurancebrokers.ae/sample/Document_File/img/ 19 KB
0 1ms
1ms Image
image/gif 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/preloader-primary-large.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 3a266dee3e3a514b11a092c82a767766dcd79b0bf866d326be7c5ccae0d6d02d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 19285
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/gif
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 cloud.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 467 B
0 1ms
1ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/cloud.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: a7fb9a38c9334bca784d9be61d22dedc3ca020f316edd28a782bfeea48b8fb23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 467
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:42:54 GMT
server: LiteSpeed

GET
H2 200 marc.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 421 B
0 1ms
1ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/marc.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 9f4a9747be658185dc687a14e8e58719ca4d67499227556e05d36fb7c26aab32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 421
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:44:08 GMT
server: LiteSpeed

GET
H2 200 download.PNG
protectiveinsurancebrokers.ae/sample/Document_File/img/ 435 B
0 1ms
1ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/download.PNG
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: a7e5c8a5f818d2ae14517c92960b702f127d5ce77a2fd9ae9646ed1ef5847a9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 435
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 12:44:32 GMT
server: LiteSpeed

GET
H2 200 sprite.png
protectiveinsurancebrokers.ae/sample/Document_File/img/ 41 KB
41 KB 11ms
10ms Image
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/sprite.png
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 9a73e80c8cf44dbe8a3e6523eae6ee8efa86ebaf685a8abe5bcc4eef6c2bfe91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 41595
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/png
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 background-intro.jpg
protectiveinsurancebrokers.ae/sample/Document_File/img/ 2 KB
2 KB 10ms
9ms Image
image/jpeg 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/background-intro.jpg
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 37eda3560701a1d1f2c09cb5b04fde4c71f9199bdffea4cc85a36878bc6e2ca5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 2001
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/jpeg
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 preloader-inverse.gif
protectiveinsurancebrokers.ae/sample/Document_File/img/ 24 KB
24 KB 8ms
8ms Image
image/gif 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/preloader-inverse.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 1067fa752e0fcdf32f0f1fdde1b82ccf0f8d724e6e10d9dac7bdb7d9e0660c2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 24146
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: image/gif
last-modified: Mon, 07 Oct 2024 23:40:26 GMT
server: LiteSpeed

GET
H2 200 sourcesanspro-regular.woff
protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/ 165 B
204 B 9ms
8ms Font
font/woff 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-regular.woff
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 085c3c7697cf67aab30c29d412fc8afe78706df0d9e966f2684f4c766170a2ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 165
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: font/woff
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 sourcesanspro-semibold.woff
protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/ 166 B
197 B 8ms
8ms Font
font/woff 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-semibold.woff
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: af01abaa415c4bd71c71b10d6794ba2d6c5e232ac1fd45777e72cd7dbf4bed97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 166
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: font/woff
last-modified: Mon, 07 Oct 2024 23:40:28 GMT
server: LiteSpeed

GET
H2 200 icons.woff
protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/ 149 B
180 B 8ms
8ms Font
font/woff 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/icons.woff
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 8e569e6d420fbb1db0f2410688b4aed5a782a77eae9dd643b839b01fa8b7e533

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:24 GMT
accept-ranges: bytes
content-length: 149
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: font/woff
last-modified: Mon, 07 Oct 2024 23:40:26 GMT
server: LiteSpeed

GET
H2 404 preloader-primary-large.gif
protectiveinsurancebrokers.ae/img/ 1 KB
1 KB 6ms
3ms Image
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/img/preloader-primary-large.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 preloader-primary.gif
protectiveinsurancebrokers.ae/img/ 1 KB
1 KB 6ms
4ms Image
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/img/preloader-primary.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 preloader-alert.gif
protectiveinsurancebrokers.ae/img/ 1 KB
1 KB 7ms
5ms Image
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/img/preloader-alert.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 preloader-gray.gif
protectiveinsurancebrokers.ae/img/ 1 KB
1 KB 6ms
5ms Image
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/img/preloader-gray.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 preloader-inverse.gif
protectiveinsurancebrokers.ae/img/ 1 KB
1 KB 6ms
5ms Image
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protectiveinsurancebrokers.ae/img/preloader-inverse.gif
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 sourcesanspro-regular.ttf
protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/ 0
0 14ms
4ms Font
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-regular.ttf
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 icons.ttf
protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/ 0
0 15ms
5ms Font
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/icons.ttf
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 404 sourcesanspro-semibold.ttf
protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/ 0
0 4ms
4ms Font
text/html 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-semibold.ttf
Requested by: Host: protectiveinsurancebrokers.ae
URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://protectiveinsurancebrokers.ae
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/css/maincab4.css?v=ef9603

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 26 Oct 2024 05:04:24 GMT
content-type: text/html
server: LiteSpeed

GET
H2 200 32.png
protectiveinsurancebrokers.ae/sample/Document_File/img/favicon/ 2 KB
2 KB 5ms
5ms Other
image/png 18.139.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protectiveinsurancebrokers.ae/sample/Document_File/img/favicon/32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.139.13.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: cpanel-009-sg.hostingww.com
Software: LiteSpeed /
Resource Hash: 1064095b485eeb2aedecc4adf6c8fa443eed10fa404e36e3270c188670cd5cca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h****.b*********@g*.se

Response headers

cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 05:04:25 GMT
accept-ranges: bytes
content-length: 1786
date: Sat, 26 Oct 2024 05:04:25 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 13:00:18 GMT
server: LiteSpeed

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Filetransfer.io (Online)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: Failed to decode downloaded font: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-regular.woff
other	warning	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: OTS parsing error: invalid sfntVersion: 1315905603
other	warning	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: Failed to decode downloaded font: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/icons.woff
other	warning	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: OTS parsing error: invalid sfntVersion: 1315905603
other	warning	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: Failed to decode downloaded font: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-semibold.woff
other	warning	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/index.html?e=h**.b******@g.se Message: OTS parsing error: invalid sfntVersion: 1315905603
network	error	URL: https://protectiveinsurancebrokers.ae/img/preloader-primary-large.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/img/preloader-primary.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/img/preloader-gray.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/img/preloader-inverse.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/img/preloader-alert.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/icons.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://protectiveinsurancebrokers.ae/sample/Document_File/css/fonts/sourcesanspro-semibold.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
gate.gopay.cz
protectiveinsurancebrokers.ae
www.w3schools.com
18.139.13.90
192.229.179.87
2606:4700::6811:190e
2a04:4e42:200::485
3.70.40.26
085c3c7697cf67aab30c29d412fc8afe78706df0d9e966f2684f4c766170a2ee
1064095b485eeb2aedecc4adf6c8fa443eed10fa404e36e3270c188670cd5cca
1067fa752e0fcdf32f0f1fdde1b82ccf0f8d724e6e10d9dac7bdb7d9e0660c2a
37eda3560701a1d1f2c09cb5b04fde4c71f9199bdffea4cc85a36878bc6e2ca5
3a266dee3e3a514b11a092c82a767766dcd79b0bf866d326be7c5ccae0d6d02d
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
56684be431834e03e8f36e347ea12a31c9349ad9c2423d7ccd4509fcac39e2dd
752f118a6f2e69f881b38ef21cd6d6db01d6f0ad7b114ea8c8f1b067cc15c970
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7cc2a299fb636730f4b39b49ba5f323f66bbc8cb0b89b54c82352736f4023f43
86cf5a1004dcca13b15db1dddf9d69e632b7e69463a14358c7b5473afeb5f7e5
8e569e6d420fbb1db0f2410688b4aed5a782a77eae9dd643b839b01fa8b7e533
9a73e80c8cf44dbe8a3e6523eae6ee8efa86ebaf685a8abe5bcc4eef6c2bfe91
9c7916171c45d0aacf4644be72a678ca05016f0a28f57df7b7215bfca767d26a
9f4a9747be658185dc687a14e8e58719ca4d67499227556e05d36fb7c26aab32
9fa8998ed4faed6ee6ac4e4323e040f468d62c4b28c344247743b849efafccbd
a7e5c8a5f818d2ae14517c92960b702f127d5ce77a2fd9ae9646ed1ef5847a9a
a7fb9a38c9334bca784d9be61d22dedc3ca020f316edd28a782bfeea48b8fb23
af01abaa415c4bd71c71b10d6794ba2d6c5e232ac1fd45777e72cd7dbf4bed97
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
ed453010a634087addc2f08ee46c8e8be64b12fd7c5b091d871a5229a2660e45
f24e6bce3388f57cb46bddc83d3f461aef73b5f7669080dfc320f68212b5800c

protectiveinsurancebrokers.ae Open in urlscan Pro 18.139.13.90 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

354 kBTransfer

1283 kBSize

0 Cookies

10 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

protectiveinsurancebrokers.ae Open in urlscan Pro
18.139.13.90 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

354 kB
Transfer

1283 kB
Size

0
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!