www.insurors.org Open in urlscan Pro
52.147.170.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e0...
Submission: On November 19 via api (November 19th 2020, 8:42:24 pm UTC) from US

Summary HTTP 42 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 42 HTTP transactions. The main IP is 52.147.170.191, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.insurors.org.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on February 8th 2019. Valid for: 2 years.

This is the only time www.insurors.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	52.147.170.191 52.147.170.191	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::681c:70b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.52.157 199.232.52.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
5	54.144.112.83 54.144.112.83	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.2.74 99.86.2.74	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2 2	34.249.135.160 34.249.135.160	16509 (AMAZON-02) (AMAZON-02)
42	12

27 52.147.170.191 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.insurors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::681c:70b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.52.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.144.112.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-112-83.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-74.fra6.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.135.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-135-160.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	insurors.org www.insurors.org	857 KB
7	feathr.co cdn.feathr.co polo.feathr.co marco.feathr.co polo-v1.feathr.co	37 KB
2	adsrvr.org 2 redirects match.adsrvr.org	958 B
2	google-analytics.com www.google-analytics.com	19 KB
1	twitter.com analytics.twitter.com	651 B
1	t.co t.co	447 B
1	gstatic.com fonts.gstatic.com	20 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleapis.com fonts.googleapis.com	934 B
1	googletagmanager.com www.googletagmanager.com	38 KB
42	10

	Domain	Requested by
27	www.insurors.org	www.insurors.org
4	polo.feathr.co	cdn.feathr.co
2	match.adsrvr.org	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	polo-v1.feathr.co
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	www.insurors.org
1	marco.feathr.co	www.insurors.org
1	fonts.gstatic.com	fonts.googleapis.com
1	static.ads-twitter.com	www.insurors.org
1	cdn.feathr.co	www.insurors.org
1	fonts.googleapis.com	www.insurors.org
1	www.googletagmanager.com	www.insurors.org
42	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
cobrand.iiaba.net
vertafore.kroll.com
register.gotowebinar.com

Subject Issuer	Validity	Valid
*.insurors.org RapidSSL TLS RSA CA G1	`2019-02-08` - `2021-02-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
polo.feathr.co Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
marco.feathr.co Amazon	`2020-08-22` - `2021-09-22`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
Frame ID: FC732DD0E75D5A8522E09D8074299FAE
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Page Statistics

42
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

974 kB
Transfer

2770 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/insurors/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/insurorstn/

Search URL Search Domain Scan URL

URL: https://twitter.com/insurors

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCHc3wUbQqDPYXOdZYjxfcRg?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://cobrand.iiaba.net/content-to-share
Title: Content to Share

Search URL Search Domain Scan URL

URL: https://vertafore.kroll.com/
Title: https://vertafore.kroll.com/

Search URL Search Domain Scan URL

URL: https://register.gotowebinar.com/register/2583124858111649549
Title: Register

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5fb6d8a0fd04ce000885d779&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5fb6d8a0fd04ce000885d779&gdpr=0 HTTP 302
https://polo-v1.feathr.co/v1/analytics/match?f_id=5fb6d8a0fd04ce000885d779&ttd_id=c8add760-ee83-4599-bc4f-d4b82dc01b85

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Vertafore_Data_Breach.aspx Show response
www.insurors.org/IOT/Bulletins/ 66 KB
21 KB 624ms
215ms Document
text/html 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

990e7f012645bb2092fd701fd54f99268c36ae5a08371369ac9892a30a82120f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.insurors.org
:scheme: https
:path: /IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: ASP.NET_SessionId=wxrn3tpwj4rjiungoptdq3zs; path=/; secure; HttpOnly; SameSite=Lax __RequestVerificationToken=hS1SBGaKRrZ7kmHeoZodvSeSzrVsC_uQ2czgUhspnOmRO36Ab1OztMlpyGX0jUu0jJfxv5KRuXusbb25HuN-5XfaI5Ua8uHdI4Fx8RUbqsQ1; path=/; secure; HttpOnly AnonymousCartId=00000000-0000-0000-0000-000000000000; expires=Thu, 03-Dec-2020 20:42:07 GMT; path=/; secure; HttpOnly
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
date: Thu, 19 Nov 2020 20:42:06 GMT
content-length: 20687

GET
H2 200 10-UltraWaveResponsive.css
www.insurors.org/Assets/css/ 300 KB
55 KB 156ms
153ms Stylesheet
text/css 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/Assets/css/10-UltraWaveResponsive.css

Requested by

Host: www.insurors.org
URL: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dc93d5d269531a6f12da94814d926fa9be31d39c67e3a046a9384218750398d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0d5efcfd564d41:0"
last-modified: Mon, 15 Oct 2018 22:24:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 56233

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 24ms
20ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157266048-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e78664d5c393912345bcc56f1d1816454c3c296cc7877aa18c29d369c75ed0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38696
x-xss-protection: 0
last-modified: Thu, 19 Nov 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Nov 2020 20:42:07 GMT

GET
H2 200 Modernizr.min.js Show response
www.insurors.org/AsiCommon/Scripts/Modernizr/ 5 KB
2 KB 287ms
284ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/Modernizr/Modernizr.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0e6dd52d970868a02184548160b423f7009166fdf5f386fedcbf5071cfcf40ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0aa256f7dc9d21:0"
last-modified: Wed, 10 May 2017 11:06:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2197

GET
H2 200 99-Austin_Responsive.css
www.insurors.org/App_Themes/Austin_Responsive/ 126 KB
20 KB 280ms
277ms Stylesheet
text/css 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/App_Themes/Austin_Responsive/99-Austin_Responsive.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

45d85a71d27a96835ea01655ba8297813ee0045e366d4edae5b6092d972c1c53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "04e5cccd564d41:0"
last-modified: Mon, 15 Oct 2018 22:24:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 20825

GET
H2 200 Jquery.min.js Show response
www.insurors.org/AsiCommon/Scripts/Jquery/ 85 KB
30 KB 348ms
345ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/Jquery/Jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0d5efcfd564d41:0"
last-modified: Mon, 15 Oct 2018 22:24:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 30394

GET
H2 200 jquery-migrate-3.0.1.min.js Show response
www.insurors.org/AsiCommon/Scripts/Jquery/ 11 KB
3 KB 396ms
393ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/Jquery/jquery-migrate-3.0.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0d5efcfd564d41:0"
last-modified: Mon, 15 Oct 2018 22:24:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3483

GET
H2 200 jquery-ui.custom.min.js Show response
www.insurors.org/AsiCommon/Scripts/Jquery/ 235 KB
63 KB 397ms
394ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/Jquery/jquery-ui.custom.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

28b8a1d8da744021478e00876dbd5842603642dea512e8abb47de13f62430272

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0aa256f7dc9d21:0"
last-modified: Wed, 10 May 2017 11:06:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 63881

GET
H2 200 angular-bundle.min.js Show response
www.insurors.org/AsiCommon/Scripts/AngularBundles/ 205 KB
73 KB 159ms
154ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/AngularBundles/angular-bundle.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8242613bac65a17930a88a90919c4a6f86e6bdd3c8f999cd1bd01cd4552744ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0aa256f7dc9d21:0"
last-modified: Wed, 10 May 2017 11:06:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 74201

GET
H2 200 angular-spin-bundle.min.js Show response
www.insurors.org/AsiCommon/Scripts/AngularBundles/ 6 KB
3 KB 158ms
153ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/AngularBundles/angular-spin-bundle.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8f32b8ee63ed2497d0aba1e6bfff95294e9bf184679a063ac564d3c216ace6cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0aa256f7dc9d21:0"
last-modified: Wed, 10 May 2017 11:06:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2530

GET
H2 200 asi-core-bundle.min.js Show response
www.insurors.org/AsiCommon/Scripts/AngularBundles/ 3 KB
1 KB 177ms
172ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/AngularBundles/asi-core-bundle.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

30db4e15f35ec6651ec997b59f457eb2b905c5acde59f3b8592ae98cd4034b16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0aa256f7dc9d21:0"
last-modified: Wed, 10 May 2017 11:06:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1053

GET
H2 200 WebResource.axd
www.insurors.org/ 15 KB
4 KB 286ms
283ms Stylesheet
text/css 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/WebResource.axd?d=CDWXB2FN2_Q8L7HDQHmloRN-0NobD0dZJmXrVYFTdrq21OB849-MWHdUNTs7Wo6Zq-pAIRvwRe81oldjyc9B8zY1YKTd_dAGUp4HbCxyQMlCaG35oH5HDHewPsV0v1Ne-12mkxl-TPlTOqqEix52xw2&t=637176084560000000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ab22a0f96f7a8a87fb54ca662cd2e915069f57ceb2a2ba1c6653577805babd56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Feb 2020 13:40:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: text/css
cache-control: public
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 4407
expires: Fri, 19 Nov 2021 14:34:32 GMT

GET
H2 200 WebResource.axd
www.insurors.org/ 2 KB
1 KB 288ms
286ms Stylesheet
text/css 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/WebResource.axd?d=zMZKr1v4wZlZGUuY2ha84jlk__DheyBR1ltLcQAq6JiCwmTvpCCHQF57BuDRpgNWIMEQc5EBtcNFxLXgSgLzEaNjYBiJla5EakpkpFHFke9YeLNmGV2UhdIuAXBG3Oh8oRM-gi_EJjHdtgn1IGXhkQ2&t=637176084560000000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

39e22e8fa2b04fee6f7a16210ca49b0df41f1642c550963446da6d6394f5632a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Feb 2020 13:40:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: text/css
cache-control: public
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 1149
expires: Fri, 19 Nov 2021 14:34:32 GMT

GET
H2 200 WebResource.axd
www.insurors.org/ 13 KB
3 KB 283ms
281ms Stylesheet
text/css 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/WebResource.axd?d=-r13aV70Zse3p2YLJYkT6SCbU7sHxgUpKVIzjBJtTJMU8DS0pW2vsJLPT96cwVdq2-o6NkCQTZwCccdXuKR8D42t_rvu5_WsIMAUudRIu4LWLKYbySCJ7oLksqXAf0K19xQRZxDMut9otND-QSkf3Q2&t=637176084560000000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0526c60613da6e5597eef7d34fd8598a02317eeb61161e70ddb39394d8a1ebad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Feb 2020 13:40:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: text/css
cache-control: public
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 3442
expires: Fri, 19 Nov 2021 14:34:32 GMT

GET
H2 200 WebResource.axd
www.insurors.org/ 5 KB
2 KB 286ms
285ms Stylesheet
text/css 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/WebResource.axd?d=Rgp31aJDPF6ymtmXTixxs_saxQowvP2ej5aUKfp6bxYNPjFTv-OvULBv8zY78pMaBP47CeTCu6k24omzPARgm-RVDHuzWObCk3kABrCjWikW71bHJcvVa4QAAaI-QenPOWtrk9Qoyn2P0xDLgH0AVlIKIN2VQSoItcRrt6LsGF3qj7C9GXqbKQPXfV_V2Iui0&t=637176084560000000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7f42e4150daf42e50525a4c96b6ce980450156075355051bde5d4a68e659acf1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Feb 2020 13:40:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: text/css
cache-control: public
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 2100
expires: Fri, 19 Nov 2021 14:34:32 GMT

GET
H2 200 WebResource.axd Show response
www.insurors.org/ 23 KB
6 KB 416ms
414ms Script
application/x-javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/WebResource.axd?d=HAqfDnDflchKNSjnV6IaTQh2a6v6dtaM3Z2c2wJ4z13C6eJlMrrp2c_yCJGHBvZNbZVJObubque1OEYX-XikU0hW8m_c3L2WqdcUfogEBZQ1&t=637391802305678970

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 25 Oct 2020 04:50:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/x-javascript
cache-control: public
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 6007
expires: Fri, 19 Nov 2021 14:34:32 GMT

GET
H2 200 Telerik.Web.UI.WebResource.axd Show response
www.insurors.org/ 752 KB
197 KB 421ms
420ms Script
application/x-javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl01_ScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bAjaxControlToolkit%2c+Version%3d4.1.50508%2c+Culture%3dneutral%2c+PublicKeyToken%3d28f01b0e84b6d53e%3aen-US%3a0c8c847b-b611-49a7-8e75-2196aa6e72fa%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2020.1.219.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3abb184598-9004-47ca-9e82-5def416be84b%3a16e4e7cd%3a33715776%3af7645509%3a24ee1bba%3ae330518b%3a2003d0b8%3ac128760b%3a1e771326%3a88144a7a%3ac8618e41%3a1a73651d%3a333f8d94%3aa1a4383a%3aed16cbdc%3a4877f69a%3ab2e06756%3a92fe8ea0%3afa31b949%3a874f8ea2%3a19620875%3af46195d3%3a490a9d4e%3abd8f85e4%3bAjaxControlToolkit%2c+Version%3d4.1.50508.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d28f01b0e84b6d53e%3aen-US%3a0c8c847b-b611-49a7-8e75-2196aa6e72fa%3a782b16ab

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ecf8a648906079c85f733cea3e05db0ec880a5b03217eb73635d6c3d1099808c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
vary: User-Agent
last-modified: Wed, 19 Feb 2020 00:00:00 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/x-javascript
cache-control: public, max-age=31536000
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 200968
expires: Fri, 19 Nov 2021 20:42:07 GMT

GET
H2 200 Asi.js Show response
www.insurors.org/AsiCommon/scripts/ 239 KB
62 KB 504ms
503ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/scripts/Asi.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bf4423c34dffc72c8639a836a61b1560a47c5c8295c50652528cc82a4cf73fb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0261efd664d41:0"
last-modified: Mon, 15 Oct 2018 22:26:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 62867

GET
H2 200 Asi.Web.js Show response
www.insurors.org/AsiCommon/Scripts/ 113 KB
27 KB 513ms
511ms Script
application/javascript 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/AsiCommon/Scripts/Asi.Web.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c5c670222b153a4ab7a0d71fe0f8814ca58db393ac0452f7d1e3ed1c15c2b425

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
etag: "0d5efcfd564d41:0"
last-modified: Mon, 15 Oct 2018 22:24:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 27571

GET
H2 200 loading.gif
www.insurors.org/images/ImageLibrary/ 3 KB
3 KB 178ms
174ms Image
image/gif 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/images/ImageLibrary/loading.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

67b8977ef0d00a7059c001f21b242c6d26200c50b62ce913c4645e414f6be43c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Wed, 10 May 2017 11:06:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0d756707dc9d21:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2650

GET
H2 200 iot_logo.gif
www.insurors.org/images/IOT_Images/Logo%20Images/ 10 KB
10 KB 176ms
171ms Image
image/gif 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/images/IOT_Images/Logo%20Images/iot_logo.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7b3d07d4b6ed9334ea4d187d4e1ad99f24b43e0a9ea200bba55ebacac73182d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Wed, 24 Feb 2016 18:07:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "16384472e6fd11:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10322

GET
H2 200 Facebook.png
www.insurors.org/images/ 54 KB
54 KB 177ms
173ms Image
image/png 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/images/Facebook.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4f0e38c532a99d1fe7f0f0dd01ec0e5d14e160d73dd2d11554a6ae923dee297b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Fri, 23 Feb 2018 20:46:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1a9fc857e7acd31:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 55555

GET
H2 200 Insta.png
www.insurors.org/images/ 103 KB
103 KB 181ms
177ms Image
image/png 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/images/Insta.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

831dad0bbd1be64b804e8654387f2ac26cd058ea79cfb0234365b40554681b08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Fri, 23 Feb 2018 20:46:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b420cb57e7acd31:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 105011

GET
H2 200 Twitter.png
www.insurors.org/images/ 58 KB
58 KB 178ms
174ms Image
image/png 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/images/Twitter.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

34cf5cdd12ff15878301ed6646af0c4c8c555d2b8da464bce9824d02c88a7a42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Fri, 23 Feb 2018 20:46:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f962cd57e7acd31:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 59002

GET
H2 200 YouTube.png
www.insurors.org/images/ 55 KB
55 KB 185ms
181ms Image
image/png 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/images/YouTube.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ea3fe38c3276301cdc816bafd12a335a228b388c720f97a057eef7734bd3f628

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Fri, 23 Feb 2018 20:47:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7df3f384e7acd31:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 56239

GET
H2 200 3x3.gif
www.insurors.org/AsiCommon/Images/ 44 B
95 B 174ms
171ms Image
image/gif 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/AsiCommon/Images/3x3.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1b6c06ba58055513a7772b708f2218fd5a9cd29e8333a510e30ac1a9508b6e12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Wed, 10 May 2017 11:06:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0aa256f7dc9d21:0"
x-frame-options: sameorigin
content-type: image/gif
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 44

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157266048-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3163
date: Thu, 19 Nov 2020 19:49:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 19 Nov 2020 21:49:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
934 B 44ms
29ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:200

Requested by

Host: www.insurors.org
URL: https://www.insurors.org/App_Themes/Austin_Responsive/99-Austin_Responsive.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d1e3e21f9a027362d1e56aa98e510748f331a27d96166905950bbb058e4cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurors.org/App_Themes/Austin_Responsive/99-Austin_Responsive.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 20:42:07 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Thu, 19 Nov 2020 20:42:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 19 Nov 2020 20:42:07 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1887680060&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insurors.org%2FIOT%2FBulletins%2FVertafore_Data_Breach.aspx%3Futm_source%3DBulletin%252011%252F19%252F20%26utm_campaign%3D480c2e03d7-Bulletin17_126_23_2017_COPY_01%26utm_medium%3Demail%26utm_term%3D0_64438c85c7-480c2e03d7-217558202%26ct%3Dt&ul=en-us&de=UTF-8&dt=Vertafore%20Data%20Breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1262114558&gjid=689428261&cid=608780778.1605818528&tid=UA-157266048-1&_gid=1253164968.1605818528&_r=1&gtm=2oub41&z=840097185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 20:42:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insurors.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 114 KB
34 KB 46ms
18ms Script
application/javascript 2606:4700:3035::681c:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: www.insurors.org
URL: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806c9975656fb05571e902f1154303c7b1553ae12444ca54da5b1a150007146c

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2618
x-amz-request-id: D314B7F243CF451A
x-amz-id-2: z3WnY3e1BUu2eLeITsE5O7qhiNU86j5aGVmCVlE9p97lu7PlRV8hpoOmKeiOUxRElozO13H6+h4=
last-modified: Wed, 06 May 2020 17:47:20 GMT
server: cloudflare
etag: W/"360b036656090b581ae5d1ecb2572847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IU%2BwOWZdsoT5oRQhBNoTdMF6SCTzrY%2FiflgvLE45zAmtK0Vcz77Z9%2FSMOLSt0d2qdGxdqW52JoKq1%2B4KMOhiD2RC2bxzop4Z3iGwPDH3SzGlMz48armkW%2F6L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 0683d7489a000006102b17a000000001
cf-ray: 5f4cc1875b970610-FRA

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 182ms
58ms Script
application/javascript 199.232.52.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.insurors.org
URL: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.52.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
via: 1.1 varnish
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
age: 83368
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1605818528.019969,VS0,VE0
x-served-by: cache-man4144-MAN

GET
H2 200 ResponsiveHeaderSprite.png
www.insurors.org/App_Themes/Austin_Responsive/images/ 2 KB
2 KB 154ms
151ms Image
image/png 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurors.org/App_Themes/Austin_Responsive/images/ResponsiveHeaderSprite.png

Requested by

Host: www.insurors.org
URL: https://www.insurors.org/App_Themes/Austin_Responsive/99-Austin_Responsive.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c10cbefa7120aaa802351b7d8646fa0ef7f3c0514eca4299d607490ed449f3b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.insurors.org/App_Themes/Austin_Responsive/99-Austin_Responsive.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Wed, 10 May 2017 11:06:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "023926b7dc9d21:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=172800
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1740

GET
H3-Q050 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtaorCIPrcVIT9d0c8.woff
fonts.gstatic.com/s/raleway/v18/ 19 KB
20 KB 7ms
7ms Font
font/woff 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v18/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtaorCIPrcVIT9d0c8.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:200

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75e6d51c700c8001a6b9da065e52ae71afed5727d554906b601e275e7d37528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurors.org
Referer: https://fonts.googleapis.com/css?family=Raleway:200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 08:19:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 20:45:32 GMT
server: sffe
age: 562960
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19920
x-xss-protection: 0
expires: Sat, 13 Nov 2021 08:19:27 GMT

POST
H2 200 GetSessionInfoFromCookie Show response
www.insurors.org/SessionInfo/ 4 B
199 B 145ms
144ms XHR
application/json 52.147.170.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurors.org/SessionInfo/GetSessionInfoFromCookie

Requested by

Host: www.insurors.org
URL: https://www.insurors.org/AsiCommon/Scripts/Jquery/Jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.170.191 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Accept: */*
X-NoRefreshSession: true
Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: no-cache
date: Thu, 19 Nov 2020 20:42:07 GMT
strict-transport-security: max-age=31536000
content-length: 4
expires: -1

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/5d4c2b4e3f166b165b065de8/ 31 B
363 B 424ms
137ms XHR
application/json 54.144.112.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/5d4c2b4e3f166b165b065de8/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.112.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-112-83.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
server: nginx/1.17.8
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 31

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
585 B 337ms
197ms Image
image/gif 99.86.2.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.insurors.org
URL: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-74.fra6.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: ec9d460f-1f1e-4de4-98d1-9f9eb57f568c
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5fb6d8a0-4cfdea3559375a8279b6638a;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: WRbJEHnroAMF4Uw=
content-length: 43
x-amz-cf-id: GY1S-pbxkbWDFLZMZGV9T2Tr6OYLDN_rUssa4Gs23fWifCTSG7sjkg==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

GET
H2 200 adsct
t.co/i/ 43 B
447 B 258ms
157ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o3wlx&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.insurors.org%2FIOT%2FBulletins%2FVertafore_Data_Breach.aspx%3Futm_source%3DBulletin%252011%252F19%252F20%26utm_campaign%3D480c2e03d7-Bulletin17_126_23_2017_COPY_01%26utm_medium%3Demail%26utm_term%3D0_64438c85c7-480c2e03d7-217558202%26ct%3Dt

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Thu, 19 Nov 2020 20:42:08 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 83500c73c20fdee5bf412d9238202c15
x-transaction: 00b27f9f006a2901
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 281ms
168ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o3wlx&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.insurors.org%2FIOT%2FBulletins%2FVertafore_Data_Breach.aspx%3Futm_source%3DBulletin%252011%252F19%252F20%26utm_campaign%3D480c2e03d7-Bulletin17_126_23_2017_COPY_01%26utm_medium%3Demail%26utm_term%3D0_64438c85c7-480c2e03d7-217558202%26ct%3Dt

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Thu, 19 Nov 2020 20:42:08 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3077b5235813a3b99250b14d44800f08
x-transaction: 00c819bd0063c51a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
580 B 421ms
142ms Script
text/javascript 54.144.112.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.112.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-112-83.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

f994a263a360dcd1e86bc6cfa573d5689a951109d22f5c3ef6f6e2fb7db12cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
content-encoding: gzip
server: nginx/1.17.8
etag: W/"5fb6d8a0fd04ce000885d779"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/5d4c2b4e3f166b165b065de8/ 32 B
397 B 421ms
143ms Script
text/javascript 54.144.112.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/5d4c2b4e3f166b165b065de8/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.112.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-112-83.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:08 GMT
server: nginx/1.17.8
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=14400
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 32

GET
H2

200

match
polo-v1.feathr.co/v1/analytics/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5fb6d8a0fd04ce000885d779&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5fb6d8a0fd04ce000885d779&gdpr=0
https://polo-v1.feathr.co/v1/analytics/match?f_id=5fb6d8a0fd04ce000885d779&ttd_id=c8add760-ee83-4599-bc4f-d4b82dc01b85

43 B
402 B

154ms
142ms

Image
image/gif

54.144.112.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo-v1.feathr.co/v1/analytics/match?f_id=5fb6d8a0fd04ce000885d779&ttd_id=c8add760-ee83-4599-bc4f-d4b82dc01b85

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.112.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-112-83.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:09 GMT
server: nginx/1.17.8
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 19 Nov 2020 20:42:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://polo-v1.feathr.co/v1/analytics/match?f_id=5fb6d8a0fd04ce000885d779&ttd_id=c8add760-ee83-4599-bc4f-d4b82dc01b85
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2 200 crumb
polo.feathr.co/v1/analytics/ 43 B
402 B 205ms
204ms Image
image/gif 54.144.112.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo.feathr.co/v1/analytics/crumb?cb=1605818528935&a_id=5d4c2b4e3f166b165b065de8&f_id=5fb6d8a0fd04ce000885d779&ses_id=5fb6d8a01365b87255a12456&flvr=page_view&loc_url=https%3A%2F%2Fwww.insurors.org%2FIOT%2FBulletins%2FVertafore_Data_Breach.aspx%3Futm_source%3DBulletin%252011%252F19%252F20%26utm_campaign%3D480c2e03d7-Bulletin17_126_23_2017_COPY_01%26utm_medium%3Demail%26utm_term%3D0_64438c85c7-480c2e03d7-217558202%26ct%3Dt&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=&utm_params=eyJ1dG1fc291cmNlIjoiQnVsbGV0aW4lMjAxMSUyRjE5JTJGMjAiLCJ1dG1fY2FtcGFpZ24iOiI0ODBjMmUwM2Q3LUJ1bGxldGluMTdfMTI2XzIzXzIwMTdfQ09QWV8wMSIsInV0bV9tZWRpdW0iOiJlbWFpbCIsInV0bV90ZXJtIjoiMF82NDQzOGM4NWM3LTQ4MGMyZTAzZDctMjE3NTU4MjAyIn0=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.112.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-112-83.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurors.org/IOT/Bulletins/Vertafore_Data_Breach.aspx?utm_source=Bulletin%2011%2F19%2F20&utm_campaign=480c2e03d7-Bulletin17_126_23_2017_COPY_01&utm_medium=email&utm_term=0_64438c85c7-480c2e03d7-217558202&ct=t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 20:42:09 GMT
server: nginx/1.17.8
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43

Verdicts & Comments Add Verdict or Comment

511 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.insurors.org/	1970-01-19 14:03:42	Name: feathr_session_id Value: 5fb6d8a01365b87255a12456
www.insurors.org/	1969-12-31 23:59:59	Name: Asi.Web.Browser.CookiesEnabled Value: true
www.insurors.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wxrn3tpwj4rjiungoptdq3zs
.insurors.org/	1970-01-19 14:05:04	Name: _gid Value: GA1.2.1253164968.1605818528
.insurors.org/	1970-01-20 07:34:50	Name: _ga Value: GA1.2.608780778.1605818528
www.insurors.org/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: hS1SBGaKRrZ7kmHeoZodvSeSzrVsC_uQ2czgUhspnOmRO36Ab1OztMlpyGX0jUu0jJfxv5KRuXusbb25HuN-5XfaI5Ua8uHdI4Fx8RUbqsQ1
.insurors.org/	1970-01-19 14:03:38	Name: _gat_gtag_UA_157266048_1 Value: 1
www.insurors.org/	1970-01-19 14:23:48	Name: AnonymousCartId Value: 00000000-0000-0000-0000-000000000000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.insurors.org/AsiCommon/Scripts/Jquery/jquery-migrate-3.0.1.min.js(Line 33) Message: JQMIGRATE: Migrate is installed, version 3.0.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
cdn.feathr.co
fonts.googleapis.com
fonts.gstatic.com
marco.feathr.co
match.adsrvr.org
polo-v1.feathr.co
polo.feathr.co
static.ads-twitter.com
t.co
www.google-analytics.com
www.googletagmanager.com
www.insurors.org
104.244.42.131
104.244.42.5
199.232.52.157
2606:4700:3035::681c:70b
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:824::200e
34.249.135.160
52.147.170.191
54.144.112.83
99.86.2.74
0526c60613da6e5597eef7d34fd8598a02317eeb61161e70ddb39394d8a1ebad
0e6dd52d970868a02184548160b423f7009166fdf5f386fedcbf5071cfcf40ca
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
1b6c06ba58055513a7772b708f2218fd5a9cd29e8333a510e30ac1a9508b6e12
28b8a1d8da744021478e00876dbd5842603642dea512e8abb47de13f62430272
2e78664d5c393912345bcc56f1d1816454c3c296cc7877aa18c29d369c75ed0b
30db4e15f35ec6651ec997b59f457eb2b905c5acde59f3b8592ae98cd4034b16
34cf5cdd12ff15878301ed6646af0c4c8c555d2b8da464bce9824d02c88a7a42
39e22e8fa2b04fee6f7a16210ca49b0df41f1642c550963446da6d6394f5632a
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45d85a71d27a96835ea01655ba8297813ee0045e366d4edae5b6092d972c1c53
4f0e38c532a99d1fe7f0f0dd01ec0e5d14e160d73dd2d11554a6ae923dee297b
559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de
67b8977ef0d00a7059c001f21b242c6d26200c50b62ce913c4645e414f6be43c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7b3d07d4b6ed9334ea4d187d4e1ad99f24b43e0a9ea200bba55ebacac73182d1
7d1e3e21f9a027362d1e56aa98e510748f331a27d96166905950bbb058e4cda0
7f42e4150daf42e50525a4c96b6ce980450156075355051bde5d4a68e659acf1
806c9975656fb05571e902f1154303c7b1553ae12444ca54da5b1a150007146c
8242613bac65a17930a88a90919c4a6f86e6bdd3c8f999cd1bd01cd4552744ce
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
831dad0bbd1be64b804e8654387f2ac26cd058ea79cfb0234365b40554681b08
8f32b8ee63ed2497d0aba1e6bfff95294e9bf184679a063ac564d3c216ace6cb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990e7f012645bb2092fd701fd54f99268c36ae5a08371369ac9892a30a82120f
a75e6d51c700c8001a6b9da065e52ae71afed5727d554906b601e275e7d37528
ab22a0f96f7a8a87fb54ca662cd2e915069f57ceb2a2ba1c6653577805babd56
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bf4423c34dffc72c8639a836a61b1560a47c5c8295c50652528cc82a4cf73fb8
c10cbefa7120aaa802351b7d8646fa0ef7f3c0514eca4299d607490ed449f3b1
c5c670222b153a4ab7a0d71fe0f8814ca58db393ac0452f7d1e3ed1c15c2b425
dc93d5d269531a6f12da94814d926fa9be31d39c67e3a046a9384218750398d9
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea3fe38c3276301cdc816bafd12a335a228b388c720f97a057eef7734bd3f628
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ecf8a648906079c85f733cea3e05db0ec880a5b03217eb73635d6c3d1099808c
f994a263a360dcd1e86bc6cfa573d5689a951109d22f5c3ef6f6e2fb7db12cdd

www.insurors.org Open in urlscan Pro 52.147.170.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

46 %IPv6

10 Domains

13 Subdomains

12 IPs

3 Countries

974 kBTransfer

2770 kBSize

8 Cookies

7 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.insurors.org Open in urlscan Pro
52.147.170.191 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

974 kB
Transfer

2770 kB
Size

8
Cookies

42 HTTP transactions
0 data transactions