insurance.ushur.com Open in urlscan Pro
2606:4700:20::ac43:4b5c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://insurance.ushur.com/email-triage/
Effective URL:
https://insurance.ushur.com/smartmail/
Submission: On April 14 via manual (April 14th 2021, 2:37:45 am UTC) from CA

Summary HTTP 90 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 30 IPs in 2 countries across 26 domains to perform 90 HTTP transactions. The main IP is 2606:4700:20::ac43:4b5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is insurance.ushur.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2020. Valid for: a year.

This is the only time insurance.ushur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2606:4700:20:... 2606:4700:20::ac43:4b5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.217 151.101.112.217	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
1	151.101.192.217 151.101.192.217	54113 (FASTLY) (FASTLY)
1	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:710... 2a02:26f0:7100:481::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
90	30

36 2606:4700:20::ac43:4b5c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

insurance.ushur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.8 (United States)

ASN20446 (HIGHWINDS3, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:481::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	ushur.com 1 redirects insurance.ushur.com	1 MB
13	fontawesome.com pro.fontawesome.com kit.fontawesome.com ka-p.fontawesome.com	543 KB
6	vimeocdn.com i.vimeocdn.com f.vimeocdn.com fresnel.vimeocdn.com	182 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	hubspot.com track.hubspot.com forms.hubspot.com	2 KB
3	googletagmanager.com www.googletagmanager.com	108 KB
3	gstatic.com fonts.gstatic.com	54 KB
2	facebook.com www.facebook.com	517 B
2	facebook.net connect.facebook.net	97 KB
2	hsforms.com forms.hsforms.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	hsforms.net js.hsforms.net	258 KB
2	hs-scripts.com js.hs-scripts.com	2 KB
2	vimeo.com player.vimeo.com vimeo.com	16 KB
1	google.de www.google.de	154 B
1	google.com www.google.com	154 B
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	licdn.com snap.licdn.com	2 KB
1	hubapi.com api.hubapi.com	1 KB
1	hsleadflows.net js.hsleadflows.net	77 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	googleapis.com fonts.googleapis.com	855 B
90	26

	Domain	Requested by
36	insurance.ushur.com	1 redirects insurance.ushur.com ajax.cloudflare.com
8	ka-p.fontawesome.com	kit.fontawesome.com insurance.ushur.com
4	pro.fontawesome.com	insurance.ushur.com pro.fontawesome.com
3	f.vimeocdn.com	player.vimeo.com
3	www.googletagmanager.com	ajax.cloudflare.com js.hsadspixel.net www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	connect.facebook.net
2	px.ads.linkedin.com	1 redirects
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	track.hubspot.com
2	forms.hsforms.com	js.hsforms.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	i.vimeocdn.com	player.vimeo.com
2	js.hsforms.net	ajax.cloudflare.com
2	js.hs-scripts.com	ajax.cloudflare.com
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	js.hsadspixel.net
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	vimeo.com	f.vimeocdn.com
1	kit.fontawesome.com	ajax.cloudflare.com
1	player.vimeo.com	insurance.ushur.com
1	ajax.cloudflare.com	insurance.ushur.com
1	fonts.googleapis.com	insurance.ushur.com
90	33

This site contains links to these domains. Also see Links.

Domain
ushur.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-01` - `2021-06-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-12` - `2022-04-13`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D2	`2021-03-14` - `2021-06-12`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://insurance.ushur.com/smartmail/
Frame ID: 01A75AF4A21917BF712DD2E82B153E0D
Requests: 82 HTTP requests in this frame

Frame: https://player.vimeo.com/video/357680475
Frame ID: D0F04378B44FBE85C794FF3795693D12
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://insurance.ushur.com/email-triage/ HTTP 301
https://insurance.ushur.com/smartmail/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

90
Requests

100 %
HTTPS

81 %
IPv6

26
Domains

33
Subdomains

30
IPs

2
Countries

2889 kB
Transfer

6174 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ushur.com/terms-of-services/
Title: Terms of Services

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ushurme/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ushurinc
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ushur-me/
Title: Linkedin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://insurance.ushur.com/email-triage/ HTTP 301
https://insurance.ushur.com/smartmail/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1354772&time=1618367848930&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1354772%26time%3D1618367848930%26url%3Dhttps%253A%252F%252Finsurance.ushur.com%252Fsmartmail%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1354772&time=1618367848930&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&liSync=true

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
insurance.ushur.com/smartmail/
Redirect Chain

https://insurance.ushur.com/email-triage/
https://insurance.ushur.com/smartmail/

46 KB
10 KB

1010ms
1009ms

Document
text/html

2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 2265f49457f34d9a60ccc3cb64413eb32ebab15c0295dff67323a31a81b89cfb

Request headers

:method: GET
:authority: insurance.ushur.com
:scheme: https
:path: /smartmail/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d4bae602fffbcfaf4707a40cad32efadd1618367845
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://insurance.ushur.com/wp-json/>; rel="https://api.w.org/" <https://insurance.ushur.com/wp-json/wp/v2/pages/19480>; rel="alternate"; type="application/json" <https://insurance.ushur.com/?p=19480>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 096fd6b16700000d527f198000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2%2FSaSagVRxJsTPHOz7nnTgyaTUE4H1sFj11RHREpnzjodf3HwL8ojIVSL89xrI8hjhss8Q6jSFNJjHhGXBENSn4VJg4PI972asrydhqMRgX%2BkQn0hFoeJyc8ALmh1WSK"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63f98d623afc0d52-ARN
content-encoding: br

Redirect headers

date: Wed, 14 Apr 2021 02:37:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4bae602fffbcfaf4707a40cad32efadd1618367845; expires=Fri, 14-May-21 02:37:25 GMT; path=/; domain=.ushur.com; HttpOnly; SameSite=Lax; Secure
expires: Wed, 14 Apr 2021 03:37:14 GMT
x-redirect-by: redirection
location: https://insurance.ushur.com/smartmail/
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 096fd6ad7500000d5220312000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jLKYPjfG0DiauBuVAk5l%2FIe69N2RFRJHRemnhNcX9Wlb6w44lbOiyiLTaOTYfDKj716W6SYisR6bsrVeBjnZIrpNlKovaIGl1xjg8NIOXYcqn21iki3TIMaYr%2F64z42l"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63f98d5beff00d52-ARN

GET
H2 200 style.min.css
insurance.ushur.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 68ms
66ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b56100000d526ebee000000001
last-modified: Wed, 17 Feb 2021 14:16:26 GMT
server: cloudflare
etag: W/"602d253a-c88a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dDCm0IRzBXahl1YaksWh2DNFiKX3hLGIUAfgSjiOwVTegMDGZO1LSM5tbu%2BfIabDPeQQU227DDcKbZTzTNEDiBmmMMJvGRPxlbfpZx%2BGE%2BJBioElUJEBmsOpmQpQuMyx"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f4e0d52-ARN

GET
H2 200 theme.min.css
insurance.ushur.com/wp-includes/css/dist/block-library/ 2 KB
973 B 111ms
109ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.6.2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
cf-request-id: 096fd6b56000000d525c2a7000000001
last-modified: Tue, 13 Oct 2020 13:10:30 GMT
server: cloudflare
etag: W/"5f85a746-8f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dQeVxB3Ipj8m3ACNhSZmqYyfDIa%2B8DDI2CX0299Ta4mEbjNbMgbNwWLv7Gx1Ny%2Bn0Xs%2FdZO9oW4eKDskepu3U8FOmARjZQSUwqzjMDUeJJRD23dY13zUzlkiWOfEHNiI"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f510d52-ARN

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.12.0/css/ 167 KB
32 KB 33ms
13ms Stylesheet
text/css 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: a34e129ed3df3b2296abf74f041f034510a11a31b3243803164b86ffe83855d7

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 22:49:38 GMT
etag: "81b2e00ad71a15f478a9def1e55ca743"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1618367847.cds168.fr8.hn,1618367847.cds207.fr8.c
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 32713

GET
H2 200 19480-layout.css
insurance.ushur.com/wp-content/uploads/bb-plugin/cache/ 104 KB
13 KB 62ms
60ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/uploads/bb-plugin/cache/19480-layout.css?ver=6d2aa776a8c73cfa20fece78e5f468a6
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52cfa8ae2fbdc9fdf6f8bb7d08a39a418edd5761e74e4f7762db9bfd4d7a3177

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11
cf-polished: origSize=111097
cf-request-id: 096fd6b56000000d5214220000000001
last-modified: Tue, 01 Dec 2020 08:08:01 GMT
server: cloudflare
etag: W/"5fc5f9e1-1b1f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WxvS47wQIc5vCm3M5hmf0e9vwFCvVQFxuczVtyTbp5cOYQmH23bqCj3594%2FdzEnf1%2F%2FcowgL6uotjeBrbtMgEjxWWBHYiiOW2GzrbF1UV5LWDnAQUDycyx1fOa8HAOs%2F"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f520d52-ARN
cf-bgj: minify

GET
H2 200 jquery.magnificpopup.min.css
insurance.ushur.com/wp-content/plugins/bb-plugin/css/ 5 KB
2 KB 60ms
58ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.0.2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fc469cfd622c04997bedf30964867b359ac93369fb1e38a286d510d8609df8

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
cf-request-id: 096fd6b56000000d52650eb000000001
last-modified: Fri, 25 Sep 2020 11:05:56 GMT
server: cloudflare
etag: W/"5f6dcf14-150c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pz3hpyGYaXIAqnZZvGnR0W0CFEOFVXtxV4uSZrqon0nmWRd%2F9fd613Br08Hr95zJ2NOyBNCd%2Fdz8sX57ST2t9JOqJR9Zs0YND2S5KJLdzxyqAkTZV6KGUzuyDAbdjDOs"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f530d52-ARN

GET
H2 200 base.min.css
insurance.ushur.com/wp-content/themes/bb-theme/css/ 47 KB
9 KB 108ms
106ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.5.1
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
cf-request-id: 096fd6b56000000d524130f000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-bd2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S7sn0vX9eP7HLtm5ja5Aiptb9glbak3IRLbpkPbbW1mwTF8Pqxqi1E8Huk%2BRIQUCbgVpvDFEp1nk6eCRlSI82deAkEBA6EWuleebEqsqBl0fnP7nfg3Bky9cK2P7DlmY"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f540d52-ARN

GET
H2 200 skin-5fc57141902a7.css
insurance.ushur.com/wp-content/uploads/bb-theme/ 50 KB
7 KB 111ms
110ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/uploads/bb-theme/skin-5fc57141902a7.css?ver=1.7.5.1
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa3fdc68a63c284a8803e8d3b7912ef8f1fdb172a2032e538e36f318d32109b

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
cf-polished: origSize=51973
cf-request-id: 096fd6b56000000d52972f1000000001
last-modified: Mon, 30 Nov 2020 22:25:05 GMT
server: cloudflare
etag: W/"5fc57141-cb05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1NkLE5HmBWJA5JNNo0a%2FHU1NMAqKSR2OkiEkXRzt2C1isBEyasWAlLOBkhqDsjvijgEp%2Fvwj%2F%2Fn%2FYwVpudwoBaEiGR%2BtYbQ8B5vu%2BBNRaMTI31LUYupSrN0RsjexWv53"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f550d52-ARN
cf-bgj: minify

GET
H2 200 style.css
insurance.ushur.com/wp-content/themes/bb-theme-child/ 0
346 B 78ms
76ms Stylesheet
text/css 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/themes/bb-theme-child/style.css?ver=5.6.2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
cf-polished: origSize=327
cf-request-id: 096fd6b56100000d522298c000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BKXkpVYKV2Mh1WgGVJcKTCfGHMAhX8%2BOREZrqpyoNRunOeJ%2F4knJjHtgC9wcgZqq0C7RHzlOHlmTIsmOEAH1DlHtWZY0kXFZs33W7GUBcBtn%2FiyVremL6F%2FQtfCOa9iU"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d689f560d52-ARN
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 7 KB
855 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CWork+Sans%3A400&ver=5.6.2

Requested by

Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

987d07f2a8cb67450a77880693e3bd11c0fd4f20685360560280da6b4bc5e908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 02:37:27 GMT
server: ESF
date: Wed, 14 Apr 2021 02:37:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 02:37:27 GMT

GET
H2 200 Ushur_White_300.png
insurance.ushur.com/wp-content/uploads/2019/06/ 2 KB
3 KB 75ms
73ms Image
image/png 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/06/Ushur_White_300.png
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf24f1278f448d998d8b504a47393a52ad860c62461df99591f858394a8e9b2

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
content-length: 2501
cf-request-id: 096fd6b56200000d5293b8a000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-9c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C1svIYNzi38h3lQpMmtIywBRcXW9WAvZC7l31I2saqlK6MGfIHZBksIvFEMGldEYjnaPI%2BsrqKLeeNRdjyWsCJOLzH%2BYEviZCHvb%2FEBT3uyCbCkYC%2B1%2FzX9wP2CQZLwB"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d689f590d52-ARN

GET
H2 200 ushur_emailtriage_hero_web-300x155.jpg
insurance.ushur.com/wp-content/uploads/2019/06/ 15 KB
15 KB 68ms
66ms Image
image/jpeg 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/06/ushur_emailtriage_hero_web-300x155.jpg
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c21009ecabbee0f78560a5b9938b2083d2ff2ca487b7d9ed548752870ba8504

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
content-length: 15395
cf-request-id: 096fd6b56300000d5200903000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-3c23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w%2BPalTekIh2a8fuFul720GfdzbHzVvnaANXxHOybQD%2FR%2BcJoRN%2FMvPCirn7AM68L0P%2BRE59xJn6kAGAV5Kai3dj%2F9gCKLJ32hhh6BxTDB9dySj8glcYNFOG%2FxrX30TFe"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d689f5a0d52-ARN
cf-bgj: h2pri

GET
H2 200 ushur_fnol_hero_web-e1560452072167-300x155.jpg
insurance.ushur.com/wp-content/uploads/2019/06/ 13 KB
14 KB 108ms
107ms Image
image/jpeg 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/06/ushur_fnol_hero_web-e1560452072167-300x155.jpg
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71ac5e99ecb1f425ec66c5a3c9f9648546aab8096c3591a1015ddc9dce18013

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
content-length: 13502
cf-request-id: 096fd6b56300000d525b153000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-34be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=20sMAtiYvvCguP75xviMPNkTGfVGNbTOO%2F4gOvJ9u1iVLDaSIAuUXky5TedXLRG9F5DS4T1rm3mU4FD%2BMBd0iiDqv6W58ah0kJXff57hSzBY%2FMfNhBB%2F3fmMp2NQSvEj"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d689f5d0d52-ARN
cf-bgj: h2pri

GET
H2 200 ushur_cognitivesearch_hero_web-300x155.jpg
insurance.ushur.com/wp-content/uploads/2019/06/ 11 KB
11 KB 121ms
120ms Image
image/jpeg 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/06/ushur_cognitivesearch_hero_web-300x155.jpg
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408158e9168cbe126207857e5321ac509150ff6ee3ef392925f37f58af69ee83

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
content-length: 11040
cf-request-id: 096fd6b58f00000d52642fe000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-2b20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WUjM3Pj76q1VeJXaNUBLNNHn9GLUxbcFmczEV4CLSZo1hPUKvUslQqx6Wfk4N0djZpdFyhGT3OaZpU6O%2FqRGvyc81fXLAJSA6OfqcK%2Fi6%2F3lCk09stFUTQiyDFCkrwxP"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d68efce0d52-ARN
cf-bgj: h2pri

GET
H2 200 ushur_underwriting_hero_web-300x155.jpg
insurance.ushur.com/wp-content/uploads/2019/05/ 10 KB
11 KB 116ms
114ms Image
image/jpeg 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/05/ushur_underwriting_hero_web-300x155.jpg
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d2180d4feff6e18985190ee73afb16808b732c3782bff0ee4436ea2ca839059

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 517
content-length: 10465
cf-request-id: 096fd6b59000000d525c2aa000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-28e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9OgpV4HZEhU%2Bz598DmJjdUAqFBbWbPO4oLO3Uf%2FItK6%2F62PDg4JiB5cU1Nt1f02h2qIEGywsVutwtLOea%2BGm3HGqrAW82TokYbzhoQKwELheb%2FyLzYPHYfMIHtE0kKT9"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d68efd00d52-ARN
cf-bgj: h2pri

GET
H2 404 help.png
insurance.ushur.com/wp-admin/images/ 548 B
548 B 120ms
119ms Image
text/html 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-admin/images/help.png
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 11
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G1PZD%2Fz5Tso2XnW615AaOmuiXbqio%2BBz5TT4SBVo9siyxgVpdKpgNhwJojgKz4zFnPfwmoD2sQY7kWe54OjISTX3sNR4xEiR3T8onWYZwKjh6ORfNXH%2BoK%2BnIrkQmUBY"}],"max_age":604800}
content-type: text/html
cache-control: max-age=28800
cf-ray: 63f98d68efd20d52-ARN
cf-request-id: 096fd6b59200000d5285b7b000000001

GET
H2 200 email-decode.min.js Show response
insurance.ushur.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 52ms
50ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.ushur.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 096fd6b56200000d52292ca000000001
last-modified: Tue, 06 Apr 2021 15:06:53 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"606c790d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4SqUhu7kVjMU%2FZ7xmuO10%2BSD%2BdmQpul0MPAVpFcWnMEo5367%2BnRuwZAV8NEDNygsTDCbL%2FMKyIva1unOcAHM5r8VYBj1AATh55yrqOEr5tsaLu3krUw03fUPln3DEHGw"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 63f98d689f580d52-ARN
expires: Fri, 16 Apr 2021 02:37:27 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 45ms
15ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 096fd6b57400000b7ca1123000000001
last-modified: Tue, 06 Apr 2021 15:06:53 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"606c790d-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4xCn4n7bHR%2Fa030PoMX%2B08cXwCjjMR9Nu1WSGOia2vSnXia0ZIhf%2BkkfkB7%2Faw%2FVOUdNxxThstrqfeIuoymunuF5d7OaB7sAQrq4mYt%2Fd8urEPgH2N1uJtZs5lfafzII"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 63f98d68bd6f0b7c-AMS
expires: Fri, 16 Apr 2021 02:37:27 GMT

GET
H/1.1 200
OK 357680475 Show response
player.vimeo.com/video/ Frame D0F0 16 KB
15 KB 125ms
108ms Document
text/html 151.101.112.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/357680475

Requested by

Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4e86312a3378b89f791cf9c9e32316f2a109cc5178ca5e0e8afcb8e6f433a71d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://insurance.ushur.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://insurance.ushur.com/

Response headers

Connection: keep-alive
Content-Length: 12203
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Wed, 14 Apr 2021 02:47:15 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-3
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Wed, 14 Apr 2021 02:37:27 GMT
Age: 0
X-Served-By: cache-hhn4066-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1618367848.782105,VS0,VE101
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 ushur_emailtriage_hero_web.jpg
insurance.ushur.com/wp-content/uploads/2019/06/ 1 MB
1 MB 77ms
76ms Image
image/jpeg 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/06/ushur_emailtriage_hero_web.jpg
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/wp-content/uploads/bb-plugin/cache/19480-layout.css?ver=6d2aa776a8c73cfa20fece78e5f468a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630d7c201ecbdb4bfd9f81c895bc0c3ab34dbb901e2435ba4448771926b5992f

Request headers

Referer: https://insurance.ushur.com/wp-content/uploads/bb-plugin/cache/19480-layout.css?ver=6d2aa776a8c73cfa20fece78e5f468a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10
content-length: 1240508
cf-request-id: 096fd6b5de00000d5214b0e000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: "5f6dcf13-12edbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XkLavQPogjrkv5lYZRbMdf9kV4Og%2FxbOtaWapSI%2Bx3pEDouhD6Y3rs11tiW5%2BuM4BWbCtCt4x%2B%2B9C%2FzFu8hUM9YlBCYBPfMWZ1iFmmZGagJ2%2BmrrzDJEIyVsBLH4CbRg"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d6968ee0d52-ARN
cf-bgj: h2pri

GET
H2 200 dots-pattern-500px.png
insurance.ushur.com/wp-content/uploads/2019/06/ 41 KB
42 KB 60ms
59ms Image
image/png 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/06/dots-pattern-500px.png
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/wp-content/uploads/bb-plugin/cache/19480-layout.css?ver=6d2aa776a8c73cfa20fece78e5f468a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b67291ad1721edd5fac898adefefc050321cbc959a8f2aab647c3ba47073f0

Request headers

Referer: https://insurance.ushur.com/wp-content/uploads/bb-plugin/cache/19480-layout.css?ver=6d2aa776a8c73cfa20fece78e5f468a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 515
content-length: 42217
cf-request-id: 096fd6b5e200000d5241319000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-a4e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nU%2BfU9wKUgwTlbF08vVRGi%2B6ZPcUrEop3qZ5lHdwYux0dFQfgfbtsOVc%2FSCsK40xgDMUZMIhBumVw27ABu4sBWUqXd1C%2FEt2Tkez4kme2l7oz7MOncJt%2FHoRyQbFyOsu"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d6968fd0d52-ARN

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CWork+Sans%3A400&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insurance.ushur.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 520465
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14932
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v9/ 25 KB
25 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CWork+Sans%3A400&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13f3f41462f36d387de32fbdb88b38a4d4deaf1cbc92c5e0fe08e125c8faf247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insurance.ushur.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:07:49 GMT
server: sffe
age: 232429
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25392
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CWork+Sans%3A400&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insurance.ushur.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 232429
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.12.0/webfonts/ 134 KB
135 KB 31ms
14ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.12.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a

Request headers

Origin: https://insurance.ushur.com
Referer: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
last-modified: Tue, 10 Dec 2019 22:45:07 GMT
etag: "e245d7d62db89a9912e17b02bc23e256"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 137704
x-hw: 1618367847.cds136.fr8.hn,1618367847.cds272.fr8.c

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.12.0/webfonts/ 166 KB
166 KB 50ms
34ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.12.0/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ec686d1012de783a5024affc9215692642a7b25af322ecc177062632902e6cd5

Request headers

Origin: https://insurance.ushur.com
Referer: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
last-modified: Tue, 10 Dec 2019 22:51:23 GMT
etag: "983a20d28fbf8fbc27cfeb096f0ebd85"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 169732
x-hw: 1618367847.cds136.fr8.hn,1618367847.cds289.fr8.c

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.12.0/webfonts/ 74 KB
74 KB 45ms
30ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.12.0/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ec2e22fd918a8ffef0f54f466fb7edd2c586f39dad794cd25a0a97ce36c404d2

Request headers

Origin: https://insurance.ushur.com
Referer: https://pro.fontawesome.com/releases/v5.12.0/css/all.css?ver=2.4.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:27 GMT
last-modified: Tue, 10 Dec 2019 22:51:02 GMT
etag: "c4af52f53368b81cc3ea577f37f9a916"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 76008
x-hw: 1618367847.cds136.fr8.hn,1618367847.cds006.fr8.c

GET
H2 200 Ushur_flow_white_turquoise2x.png
insurance.ushur.com/wp-content/uploads/2019/05/ 323 B
649 B 66ms
66ms Image
image/png 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insurance.ushur.com/wp-content/uploads/2019/05/Ushur_flow_white_turquoise2x.png
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 993570ba620f87245a19e7edd65e9e98f91a2eeffd850a86bdec1d861fdd3315

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
content-length: 323
cf-request-id: 096fd6b64700000d52292d9000000001
last-modified: Fri, 25 Sep 2020 11:05:54 GMT
server: cloudflare
etag: "5f6dcf12-143"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gz4tgtBbgkWK4manZQ6ejjdzA03JhndlyeOA3tJBKydG7GAszbNjtJofKtc9TmpAF6Nu9ZgYuIM5l89hLTBcDzeE4EEf%2B28i0%2Bia3rYEBdJkB8emOzhWiaAE6VtTlys9"}],"max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63f98d6a0a0c0d52-ARN

GET
H2 200 wp-embed.min.js Show response
insurance.ushur.com/wp-includes/js/ 1 KB
1004 B 73ms
72ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65000000d5285b89000000001
last-modified: Tue, 26 Jan 2021 15:18:33 GMT
server: cloudflare
etag: W/"601032c9-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TtPF%2F56Jind5Cklpy1xmZM1YEkQNCvVJ%2BhM1JNviIkRjyfqt36GFdjOWBCa8NTT%2B6zcFxCa5o9FTTTyzqMbQ%2FNkUl3KDXK2Ld4CKCKDbLN1ctJ7fKmNMNyxGaVzHn7yd"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a220d52-ARN

GET
H2 200 theme.min.js Show response
insurance.ushur.com/wp-content/themes/bb-theme/js/ 21 KB
5 KB 85ms
83ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.5.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2727fbfa982d08fc080f494aef9828e520ed805a723680081ea47984c648dda9

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65000000d526e3a3000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-52b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ezxZK3S9eK%2BGq9Scx2m3Ilkj5PlevYtzzBfSYN6VFeSCVKq4uiov7yTNDn8mGqyFIOqkAIE6uRohiB9DWTYdo4pJs4RTISYj2gnHAMEYe%2BFYKi%2BUg3AAE%2B4sn5N8rIgz"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a240d52-ARN

GET
H2 200 jquery.magnificpopup.min.js Show response
insurance.ushur.com/wp-content/plugins/bb-plugin/js/ 20 KB
7 KB 87ms
84ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.0.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65100000d52481c9000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-4eba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pFXsWjq%2FZOiFQBo8VJa6%2FPeok6f%2BM3nX4m4KcXkZm69QzNrTN1g7JfXmJCDxwDPFzAEXoShzVmgjcCCC8PkBPOjjqnVKdzv3Lx0xzzXXNhIGD8Ddw0NAvYxd8Sr2Gtze"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a280d52-ARN

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
insurance.ushur.com/wp-content/plugins/bb-plugin/js/ 731 B
732 B 72ms
68ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.0.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65100000d522299d000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dIaG5Ox36EtpsaVPRSPTOR8xN4i8C%2BjWVChnAq87%2BdTg9rOe0YBWRM6Uyn5h8i0UxdeqUMYu4kenPMkG5NgoP74aYnV1elYPatKgGYO%2FQ9atHK%2BE0KZ0ixf7SPkFo%2F6S"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a2a0d52-ARN

GET
H2 200 4259971.js Show response
js.hs-scripts.com/ 2 KB
986 B 55ms
21ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4259971.js?integration=WordPress
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c860684a84455b195ae294596602a6a44a0a29470a66b69cff729d1952c84000

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 12
cf-polished: origSize=1955
cf-request-id: 096fd6b6660000fa4c3d0ae000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B5ACEC19C5E346648E6D870A8AB54E4838729C09C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://insurance.ushur.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 63f98d6a3fecfa4c-AMS
expires: Wed, 14 Apr 2021 02:38:28 GMT

GET
H2 200 19480-layout.js Show response
insurance.ushur.com/wp-content/uploads/bb-plugin/cache/ 58 KB
13 KB 84ms
79ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/uploads/bb-plugin/cache/19480-layout.js?ver=6d2aa776a8c73cfa20fece78e5f468a6
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cac3e287447033c21039ea4bafb5d018c7c9d5c8e6ca9200990484eb8e3c5dc

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11
cf-request-id: 096fd6b65300000d523983f000000001
last-modified: Tue, 01 Dec 2020 08:08:01 GMT
server: cloudflare
etag: W/"5fc5f9e1-e960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lhDH%2B2tpetbiZ0R7yxD749OMEehU9rycHfq6Hcc4nTSgtZXjBcwpjPXF2%2B3v7RGkQIv4zph9MZ%2Bh1%2FFY1%2BJt6tTbAzubMWUYME7O5fjctXTXiG8ytV8mYBh%2B5wHW2%2F6L"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a2f0d52-ARN

GET
H2 200 jquery-carousel.js Show response
insurance.ushur.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/ 85 KB
14 KB 85ms
81ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-carousel.js?ver=5.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d60edcf5a80b4d74c240e99aa1f1a6b8c8071abc11b384ede4d437102811939d

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65700000d521baaf000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-1549f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tHr2dJv6HgsduYm4pV%2BwL2dMPOcMxUWdeNOUZ1Z3%2Ft1%2FpclRI0QxC3XEIpHlWC4wiNe5ITT%2FWVjjrV9G2T657S2ZEzLGbO%2FpyINR5sjpr2L6dNrPc4llRKi8w1m7%2Bj8P"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a320d52-ARN

GET
H2 200 jquery-masonary.js Show response
insurance.ushur.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/ 34 KB
10 KB 74ms
69ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-masonary.js?ver=5.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5f973ee0c0f066b862a660be25b1b4a4187f8501da9043d8e5ecb0c7162d4b

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65400000d5274106000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-89fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7dqbvXb5M6O2P7iCXsyuWxkxFxgmXBirau%2FVLJBxFTEu%2BLmKZJK9UZJJ1Rb2QiqVE1hAzxvuSngkLgcKPjFe2TchOrWbmyBwVtcyRFrJu1YJOCTATMCwyPneQVhVAWpi"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a1a360d52-ARN

GET
H2 200 jquery.mosaicflow.min.js Show response
insurance.ushur.com/wp-content/plugins/bb-plugin/js/ 5 KB
2 KB 71ms
67ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/js/jquery.mosaicflow.min.js?ver=2.4.0.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467da5837e65de73f2d80ee96d59d2f0c0f6503596fc026226e970387218cb87

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65400000d525c2ba000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-1533"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Hw66rY0XOM7hEacFDyx3%2BZFs8314F4fxIagp0G0dbFkXRAM4UQHHezk9cMZjYPhV8c04Ltd17fS9IMUFqWKd85KARR3zjRZR2K2JmB1SoafLhgw6k7ny5Nz%2FKZ0qr5z"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a370d52-ARN

GET
H2 200 jquery.infinitescroll.min.js Show response
insurance.ushur.com/wp-content/plugins/bb-plugin/js/ 21 KB
12 KB 84ms
80ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/js/jquery.infinitescroll.min.js?ver=2.4.0.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65600000d522515e000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-528c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sCcQP8uab7RsGrsj4Sqt5KVwuu3kEnExWNPM06FfXEfObT5Sw8ZP26UsEenM1i1ykoblEM9nq3x8naupK98QrQUw0Wum83NSc5fRDpRcWPfKYpMhogDhO5gTBYm0ySth"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a390d52-ARN

GET
H2 200 js_cookie.js Show response
insurance.ushur.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/ 4 KB
2 KB 84ms
80ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/js_cookie.js?ver=5.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11
cf-request-id: 096fd6b65400000d5259984000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JJsCbeNxt34UflMGzgFq6O4QpWlPJ5QKGQYpfF1QsPhuj1UEwf3PxkaBIhCVMVFYqsSczyCI0hHCHM5iRfPDyHUz1edgb%2Fl7yZ6soqHPijH6u9XuYKnBDF8fBH%2BzwaY7"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a3a0d52-ARN

GET
H2 200 jquery.fitvids.min.js Show response
insurance.ushur.com/wp-content/plugins/bb-plugin/js/ 2 KB
971 B 83ms
79ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11
cf-request-id: 096fd6b65500000d522a0f1000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-6f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3nwJGvJibm7jn%2F%2Fyz9YYPfZPC%2FdtQObRjgSpQbAZnOQLYrAXJQX2Ux82Eb9RSGbJaKOyDqV9aMdEz4XUFrUBj5fOaYbk9G%2BR9nxIGPcweoa0dXGQCUQSZmUJ9UjK6aOC"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a3c0d52-ARN

GET
H2 200 jquery.waypoints.min.js Show response
insurance.ushur.com/wp-content/plugins/bb-plugin/js/ 9 KB
3 KB 71ms
68ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-content/plugins/bb-plugin/js/jquery.waypoints.min.js?ver=2.4.0.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65500000d52292db000000001
last-modified: Fri, 25 Sep 2020 11:05:55 GMT
server: cloudflare
etag: W/"5f6dcf13-2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uIjJRH%2BJuQ4gtPlrXAQK1LxW3LP2g1wpOrUIZaj9QSxCkWoe05TfZrOaQdbYyQQbKv6hHDolI6dY4ell%2BA2bB8ph1xK7sbgTeW1sYufGEx%2Brurdmd1s4PsqaSlZ8PAKo"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a3f0d52-ARN

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 528 KB
129 KB 74ms
41ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096fd6b66800000ba5b4366000000001
last-modified: Tue, 13 Apr 2021 04:21:19 UTC
server: cloudflare
etag: W/"63331a62eca734989c8849eaffe022e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Xsa7RmAlfyHD3XHncnILYZ5ua5pAgWSAZDsvj2T8GzbB4d578aI7r9IOGMatOfSEO2sVQpXhiW%2FaE3RwsGebMvYA6hgE9Cz1%2BosbfQ1s%2BDm4XlA6aV2AdPMAA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: M5RwkbeiQGm2N3cfIFqKB6JW6xCXyOAo
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 63f98d6a3aa70ba5-AMS
x-amz-cf-id: LAQXFpEK_IkAloLNHYnzHNxMNSn4eZTOf26RvxG6a4ZO450QyUNKrw==

GET
H2 200 4259971.js Show response
js.hs-scripts.com/ 2 KB
552 B 54ms
23ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4259971.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395b67bfc8c07f2348aca4d3879a35d42fa9c4849da9a4f4d14446920a6f13a8

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 12
cf-polished: origSize=1955
cf-request-id: 096fd6b6670000fa4c38840000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B0F3775E786943361C46D3B2CC3AE7D67EEFFFB33000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://insurance.ushur.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 63f98d6a3feefa4c-AMS
expires: Wed, 14 Apr 2021 02:38:28 GMT

GET
H2 404 app.js
insurance.ushur.com/wp-admin/js/ 0
0 70ms
67ms Script
text/html 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-admin/js/app.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 11
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9bpe0rI4pP5gjjOqsQLKpkBi7CWTvd0ZONdoQegf2MApnDKRIz0Qk7%2FeHxyLBZU6XBHqXB5aOXjK0t%2BympeGJfgJW5w%2BrrkPIFci9lOY8DL8V%2BXHCVrH9iJMDnKBciFo"}],"max_age":604800}
content-type: text/html
cache-control: max-age=28800
cf-ray: 63f98d6a2a410d52-ARN
cf-request-id: 096fd6b65500000d523d24a000000001

GET
H2 200 cf6d6b5e50.js Show response
kit.fontawesome.com/ 11 KB
4 KB 57ms
25ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/cf6d6b5e50.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b9103f583af32ae42aa810d01b2f41e3afa8e4b31b9d493ad5838880f2dc4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 12
strict-transport-security: max-age=31536000; preload
cf-request-id: 096fd6b66600002056f9b0b000000001
x-request-id: FnWYg2X1JJ63pz9SuZnh
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 63f98d6a3acc2056-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152421403-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e992e9a48f1417f149b34618278c3e2a372811606cbd7c95247fb886260e4592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39120
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 02:37:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
insurance.ushur.com/wp-includes/js/jquery/ 11 KB
4 KB 71ms
68ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65500000d52532f0000000001
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: cloudflare
etag: W/"5fb63b61-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e9Qvwo0t9nGUfgiEQ0SiAFKhIyShxX%2FMnxgcArtve7MUjWrk7l20ygnx3DpV8CfCglJzR1%2FlY52pAiAVwq2lD5w%2FT3BUgr8EWSfBGKfh79syz3ShX1RXyusN0n8BlVrX"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a430d52-ARN

GET
H2 200 jquery.min.js Show response
insurance.ushur.com/wp-includes/js/jquery/ 87 KB
30 KB 83ms
81ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 516
cf-request-id: 096fd6b65600000d525b164000000001
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bYWesAlr1HM%2BuEeh%2Bpq9lW%2Fjehxszp5ln8lS7a71bMZD6sE8kbB0N9%2F6UL2UlQutSrA72yltYBN33J4RMqJkPsFExuwXV1Lbkl64FR8jzC81h%2B1h405h025WLPlsbgl%2F"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6a2a440d52-ARN

GET
H2 200 812000594.jpg
i.vimeocdn.com/video/ Frame D0F0 884 B
1 KB 37ms
5ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/812000594.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/357680475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05f6fdac9e83c5cef7286e95523f62b0337e146962fff08cc7cc58a10b86893c

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 900609
etag: 57619d9d67e84f64d7299c36bcc6d71c
x-served-by: cache-dfw18642-DFW, cache-hhn4080-HHN
x-cache: miss, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-timer: S1618367848.096910,VS0,VE1
x-backend-server: varnish
content-length: 884
viewmaster-server: viewmaster-us-central1-226g
x-cache-hits: 1, 1

GET
H2 200 player.js Show response
f.vimeocdn.com/p/3.24.22/js/ Frame D0F0 615 KB
145 KB 37ms
7ms Script
application/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.24.22/js/player.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/357680475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0f3327f42effa1ea75b9fa9ed056e87b76982d7813ac63b1a12272422b0d1dba

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 16371
x-guploader-uploadid: ABg5-UzqMFoj9Dxpq5UVceyZgiYxwduFBKHeT8L0IAsvfmHtuVWUZAt75kEY3CJR_e-tEEAR1fzYPgivbpDkeOeUiav20_iSRQ
x-cache: MISS, HIT
content-encoding: br
content-length: 148146
x-served-by: cache-bwi5150-BWI, cache-hhn4037-HHN
last-modified: Tue, 13 Apr 2021 21:58:44 GMT
server: UploadServer
x-timer: S1618367848.099441,VS0,VE0
etag: "39309f55aebd875e017ff8d98925c288"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 6871

GET
H2 200 player.css
f.vimeocdn.com/p/3.24.22/css/ Frame D0F0 159 KB
17 KB 37ms
7ms Stylesheet
text/css 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.24.22/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/357680475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 492d8b0127b4ecdff2290e7bc522650850e00aaee2a8614a519f945c078dcca9

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 16370
x-guploader-uploadid: ABg5-Uxp3wLBU_qNHV_XAQGiD7ZVA05xs5L9nM_ujPSxx4rzkcJqSXu_O3C2hEOG8uEfJ-WX08OHK8AoSS0uVnko5O8qrHGe6A
x-cache: MISS, HIT
content-encoding: br
content-length: 17428
x-served-by: cache-bwi5146-BWI, cache-hhn4037-HHN
last-modified: Tue, 13 Apr 2021 21:58:45 GMT
server: UploadServer
x-timer: S1618367848.099450,VS0,VE0
etag: "e30083d8c072196d42f9ecbd3079b53e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 8754

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame D0F0 3 KB
1 KB 51ms
21ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/357680475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: gzip
age: 29534
x-cache: HIT, HIT
x-cache-hits: 2, 21486
content-length: 1238
x-served-by: cache-bwi5153-BWI, cache-hhn4037-HHN
last-modified: Tue, 13 Apr 2021 16:24:13 GMT
server: Apache
cache-control: max-age=315360000
x-timer: S1618367848.099490,VS0,VE0
etag: "a68-5bfdd0f8b0540"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
x-vimeo-dc: ge
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Apr 2031 18:25:13 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame D0F0 0
789 B 139ms
122ms Other
text/plain 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=5976b0891c24d6a520e5cac9c0604a856c9cdb171618367847

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Served-By: cache-bwi5145-BWI, cache-hhn4024-HHN
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1618367848.149004,VS0,VE115
X-Frame-Options: sameorigin
Date: Wed, 14 Apr 2021 02:37:28 GMT
Vary: User-Agent
Expires: Tue, 13 Apr 2021 14:37:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server: pweb-v9706-7br4n
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H2 200 812000594.webp
i.vimeocdn.com/video/ Frame D0F0 17 KB
17 KB 8ms
8ms Image
image/webp 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/812000594.webp?mw=800&mh=450
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/357680475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48768b1e78c73e3ebca19ff7c7a75b473791d9563c4e768d4778084edde662be

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 110859
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 17178
viewmaster-server: viewmaster-us-central1-vtcx
x-served-by: cache-dfw18646-DFW, cache-hhn4080-HHN
x-timer: S1618367848.229910,VS0,VE1
etag: a9c3239a6ead5b8b2c6d8a6f104a6cdd
x-viewmaster-webp-format: lossy
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame D0F0 0
110 B 124ms
108ms Other
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5976b0891c24d6a520e5cac9c0604a856c9cdb171618367847
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.24.22/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 wp-emoji-release.min.js Show response
insurance.ushur.com/wp-includes/js/ 14 KB
5 KB 59ms
58ms Script
application/javascript 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 514
cf-request-id: 096fd6b77800000d52229b2000000001
last-modified: Tue, 26 Jan 2021 15:18:33 GMT
server: cloudflare
etag: W/"601032c9-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xAkj%2FFItxVvS2tzzrs9A5iI2Gk76aWjlA6oFrWu3tOw9ECqCMS62OYzMqUaxawOXH3n3OfJDkvacR8zbJePmxIz9E8QQekTVQeXaoD30IuyYS0iBj3PkQa745okkucwv"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63f98d6bfdd80d52-ARN

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.3/css/ 312 KB
53 KB 53ms
21ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/css/pro.min.css?token=cf6d6b5e50
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf6d6b5e50.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f734d8ecda48e6d98faab2e1e9b91d6c5f72b86408ea6e2126d4b1681b92ef4c

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 515
content-length: 53820
cf-request-id: 096fd6b7ad00004c4fbd0e5000000001
last-modified: Wed, 17 Mar 2021 02:23:58 GMT
server: cloudflare
etag: "6051683e-d23c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6c4b124c4f-AMS

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.3/css/ 26 KB
4 KB 67ms
35ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/css/pro-v4-shims.min.css?token=cf6d6b5e50
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf6d6b5e50.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce885aa8b86fb7d85992aae4435fb45b444f8d3919dca083c83a36d7600f96d7

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 515
content-length: 4202
cf-request-id: 096fd6b7ad00004c4f14259000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: "6051683d-106a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6c4b144c4f-AMS

GET
H2 404 app.js
insurance.ushur.com/wp-admin/js/ 0
0 60ms
60ms Script
text/html 2606:4700:20::ac43:4b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance.ushur.com/wp-admin/js/app.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://insurance.ushur.com/smartmail/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 11
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gPOWAacGJKvl5NmIBaV7u%2FYHoqSNFLgEVtL8i7%2BtCTjs9yNuoViqShF35DE1oo4bE7RQkJxa9cIufgQ8EmAK9r3bXvf5TC3clRCEzqtfLgCvaCKCvST0iKt3FHfW%2B8Un"}],"max_age":604800}
content-type: text/html
cache-control: max-age=28800
cf-ray: 63f98d6c2e290d52-ARN
cf-request-id: 096fd6b79a00000d5263881000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152421403-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6254
date: Wed, 14 Apr 2021 00:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 14 Apr 2021 02:53:14 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1383869839&t=pageview&_s=1&dl=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&ul=en-us&de=UTF-8&dt=SmartMail%20%E2%80%93%20Ushur&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1380330092&gjid=529274687&cid=788595000.1618367848&tid=UA-152421403-1&_gid=983240329.1618367848&_r=1&gtm=2ou3v0&z=1173215095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 02:37:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insurance.ushur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b04ad4a8-ef84-45ad-a4e5-b717ae2938a0 Show response
forms.hsforms.com/embed/v3/form/4259971/ 185 B
263 B 414ms
382ms Script
application/javascript 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4259971/b04ad4a8-ef84-45ad-a4e5-b717ae2938a0?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323e1f815d13b9ac8c123380a2ae241e68bf608736b4aa20938e090be95bd40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096fd6b81600001eb1c700d000000001
server: cloudflare
x-trace: 2B804E21EECD1A01F54CEBDBD39EF66118779432A3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 63f98d6ce8291eb1-AMS

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 528 KB
129 KB 37ms
36ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096fd6b7f500000ba5d28bd000000001
last-modified: Tue, 13 Apr 2021 04:21:19 UTC
server: cloudflare
etag: W/"63331a62eca734989c8849eaffe022e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m%2BTRVurEwp3VNLE77R92cLt2KCmXhUFNKVP1dDm7Yn0Ooyoyyze9PWS8uow4RThcqJEtE0Rr0y4%2BN0Yx%2BnHrs0aRhKYqkq8nLNZq28zi0WIt5uEJcBz23xDgSw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: M5RwkbeiQGm2N3cfIFqKB6JW6xCXyOAo
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 63f98d6cbdc10ba5-AMS
x-amz-cf-id: LAQXFpEK_IkAloLNHYnzHNxMNSn4eZTOf26RvxG6a4ZO450QyUNKrw==

GET
H2 200 pro-fa-solid-900-5.11.1.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 8 KB
8 KB 22ms
22ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.11.1.woff2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c597787c27b17cb86dac6c0a152a09caaf15ce4c4b2a8a0ac833e2b680a4ce

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 02:28:33 GMT
server: cloudflare
age: 10
etag: "60516951-2134"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6d3cb24c4f-AMS
content-length: 8500
cf-request-id: 096fd6b84100004c4ff3b55000000001

GET
H2 200 pro-fa-brands-400-5.8.2.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 2 KB
2 KB 21ms
21ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.8.2.woff2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42cdc6868cb5db524d79a736d9641e0022b7b318d28443cbd251be10575fef87

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 02:28:21 GMT
server: cloudflare
age: 515
etag: "60516945-960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6d3cb54c4f-AMS
content-length: 2400
cf-request-id: 096fd6b84200004c4fe88d3000000001

GET
H2 200 pro-fa-regular-400-5.6.1.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 988 B
1 KB 34ms
33ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.6.1.woff2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b918c1c17aa8d9713f8e4f461bbeee07c152f669b94634dd91ed41a532dc4bf9

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 02:28:31 GMT
server: cloudflare
age: 515
etag: "6051694f-3dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6d3cbe4c4f-AMS
content-length: 988
cf-request-id: 096fd6b84500004c4f0a23b000000001

GET
H2 200 pro-fa-regular-400-5.2.0.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 10 KB
11 KB 21ms
20ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-regular-400-5.2.0.woff2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ab6b9cb14f31676a40deeb62214e98bed822578d844de5a35f06f69ce3e3974

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 02:28:30 GMT
server: cloudflare
age: 515
etag: "6051694e-29f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6d3cc04c4f-AMS
content-length: 10744
cf-request-id: 096fd6b84500004c4ff1385000000001

GET
H2 200 pro-fa-solid-900-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 13 KB
13 KB 20ms
19ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-solid-900-5.10.2.woff2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ec19da32c4383f47e9760d537b35eb435befe8ffbbc01390d8a8caf2323b40

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 02:28:32 GMT
server: cloudflare
age: 515
etag: "60516950-3400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6d4cc84c4f-AMS
content-length: 13312
cf-request-id: 096fd6b84800004c4fbf0eb000000001

GET
H2 200 pro-fa-brands-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.3/webfonts/ 37 KB
38 KB 21ms
21ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.3/webfonts/pro-fa-brands-400-5.0.0.woff2
Requested by: Host: insurance.ushur.com
URL: https://insurance.ushur.com/smartmail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 128684f31b23344239b648335676fa80bfffee1445b69e1d7469e22ead93ae34

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 02:28:18 GMT
server: cloudflare
age: 515
etag: "60516942-958c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 63f98d6d4cca4c4f-AMS
content-length: 38284
cf-request-id: 096fd6b84900004c4f0413e000000001

GET
H2 200 ff0f2f23-b5f9-4678-8db7-9c1400fd07cc Show response
forms.hsforms.com/embed/v3/form/4259971/ 2 KB
1 KB 119ms
119ms Script
application/javascript 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4259971/ff0f2f23-b5f9-4678-8db7-9c1400fd07cc?callback=hs_reqwest_1&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059fa5809310ddfd9f3552b9cb4b215fbf59afdf276b4ff83970c41fa0a4fa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096fd6b87400001eb1c592a000000001
server: cloudflare
x-trace: 2B54F72A87C0E706E66E7DAD85B622149F7FE2123A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 63f98d6d89001eb1-AMS

GET
H2 200 4259971.js Show response
js.hs-analytics.net/analytics/1618367700000/ 61 KB
19 KB 58ms
25ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1618367700000/4259971.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4259971.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2275bbafb383378133e642ac5065de9826358554863330d887cda43a834ee8c5

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 9
x-guploader-uploadid: ABg5-UxMB9CTBM2hRWjr1KI_6BUEuShpQjPZzMVnik-fd_UQmdmDIDRE6anujTyTr4R_ZQuIwWo7tHFzvoXcVLTK1Sz7HbC-tg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 096fd6b8cf00000b47fa2e9000000001
last-modified: Tue, 23 Feb 2021 22:24:04 GMT
server: cloudflare
etag: W/"a02463a7cf51bb56938668dbdb4c2cba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=NRfUtw==, md5=oCRjp89Ru1aThmjb20wsug==
x-goog-generation: 1614119044451659
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 62398
cf-ray: 63f98d6e1c820b47-AMS
expires: Wed, 14 Apr 2021 02:42:19 GMT

GET
H2 200 4259971.js Show response
js.hs-banner.com/ 59 KB
15 KB 51ms
21ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4259971.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4259971.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a277443b98ec9952f0a2afcda807c7bbde89dd43df6784b3315f42ebcfcf99

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 9
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: DSPDZ27FCBYY8TG3
x-amz-id-2: Ms4iSzQ/tUJOd6iK4k/5LVsEuYHsXfr5KWY1ykM6j3XAJF9nF4rcj3UX5jlb9LX/Min7T0jimOo=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 21:18:56 GMT
server: cloudflare
etag: W/"0b2210d226a2b2d3b6b5f3a8259a1bac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: PdvTaHSsaoY.OQDavZeElVWTXpc8ws71
access-control-allow-origin: https://ushur.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 096fd6b8cc00004bfa33001000000001
cf-ray: 63f98d6e1d424bfa-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 14 Apr 2021 02:42:19 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 72ms
34ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4259971.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eebf081650dbba9480bcd67e6f12b8d1e8c2ecfc9a35cd755c723830a343bad6

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 224f09e9c236b40d399a8b2851ac0069.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 486
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.233/bundles/pixels-release.js&cfRay=63f9818c7f7b0b33-AMS
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 096fd6b8d40000fa50d784c000000001
last-modified: Fri, 09 Apr 2021 01:08:18 UTC
server: cloudflare
etag: W/"feaa874bf9644c0b4e21f32d17b573ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .9QpBm6zJoi1XfxyOAW00zU0TRLgOweV
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 63f98d6e28ccfa50-AMS
x-amz-cf-id: gfex142-ncW70TWX12h0gLGe9GQgZNxiRiKSPBzFqkcVYFloXXto-A==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 449 KB
77 KB 75ms
43ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4259971.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc989692844e318883193e3511bc1cc0b40fc6281ec2426f2804a12300c93602

Request headers

Origin: https://insurance.ushur.com
Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
via: 1.1 156336391961f724345f6534c674b6eb.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 515
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.991/bundle/main/lead-flows-release.js&cfRay=63f980d978f31e71-AMS
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 096fd6b8d200004c437a0c6000000001
cf-ray: 63f98d6e1aa24c43-AMS
last-modified: Fri, 12 Mar 2021 02:33:02 UTC
server: cloudflare
etag: W/"1ba75529998412703561eec84757a05b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: og7pMRYelTI_0jrqQcNhZ1.AqG6zE9H7
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ry6s9AsYYG-__UmjjchaZmiq01sH8lrp0A56HxbCDwJTLQO23A1m-w==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
856 B 81ms
53ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4259971&ct=standard-page&rcu=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&pu=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&t=SmartMail+%E2%80%93+Ushur&cts=1618367848690&vi=2587644cddeaef0cf179a4ee710a2a16&nc=true&u=136825711.2587644cddeaef0cf179a4ee710a2a16.1618367848682.1618367848682.1618367848682.1&b=136825711.1.1618367848682

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63f98d6e8aa0fa18-AMS
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 096fd6b9190000fa189a007000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BqQ904fDxeoYrljxiCfNkQIkc43Sp5D32YIWPh07EX%2FqAHwEcbBSLkMiYzK6bfcSxyh7VidV%2FyoQcGEA0aHEpPcb4%2BG0n1%2ByJ0CXpNTSi%2B233nBacCyVXf%2FLogoSDg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
332 B 52ms
52ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=ff0f2f23-b5f9-4678-8db7-9c1400fd07cc&fci=9c2deb06-0e10-426f-99e6-f5bc0f42c58c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=4259971&ct=standard-page&rcu=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&pu=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&t=SmartMail+%E2%80%93+Ushur&cts=1618367848723&vi=2587644cddeaef0cf179a4ee710a2a16&nc=true&u=136825711.2587644cddeaef0cf179a4ee710a2a16.1618367848682.1618367848682.1618367848682.1&b=136825711.1.1618367848682

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63f98d6e9aa5fa18-AMS
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 096fd6b91d0000fa187c16f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oZ2fGjOVhAXPVmw2kwfmxkbvbRoyW1fgfL25YKQvtjn5QlCKiiDZyy6Wdidw8onS6qHIV1mpSBFsd3eyl1IVzW3nJAcPlATSLHbEhO4Boj0XQHB5M9suY36lYDp6Pg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 206 B
1 KB 163ms
135ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=4259971

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d32a39bff42d6e238265e8d259f7a5ccec2b66d524c3d7168c318650919e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096fd6b93d00004be9cf05d000000001
server: cloudflare
x-trace: 2B5982F2DAA355E2D6DAF0AE16CFB43487B3CF81BB000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MyY9HgKQv%2BggsTjWSdwoLIwTmqVgOL%2BifJyAqEyJ2AG%2FJV9zm4aI0p%2FcUt8NDr36fl7lQDN0YSMgK%2BIHk%2BbNAnA%2FVnu7JqycXoxjHXmcqKilwSrkxnrmrWH%2BFw%3D%3D"}],"max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://insurance.ushur.com
access-control-allow-credentials: false
cf-ray: 63f98d6eca444be9-AMS
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 158ms
127ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4259971&utk=2587644cddeaef0cf179a4ee710a2a16&__hstc=136825711.2587644cddeaef0cf179a4ee710a2a16.1618367848682.1618367848682.1618367848682.1&__hssc=136825711.1.1618367848682&currentUrl=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4cb0a0f35b929ddaf8137ac8e93fd6019359f6059c1002e1a8e338ce470089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096fd6b9b600004c74c583e000000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8MQuP3Wp18K1CkmtMVjnA5fk5cPwySGD1L55bKwKdXfJTfBiOgMGAxqTtEPFMKfilwCuQiCluTx4LH1WOZXQb5W%2B9RAo6Av%2FODbWvbWJlkzsRIoLBbxxFGdZct3Y%2FQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://insurance.ushur.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 63f98d6f8bf94c74-AMS
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-694947897

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96edcb494c8229fad2940c5ce7b7180eba292c21cbfb7fbb0144d53168a38f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35832
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 02:37:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-694947897&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152421403-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b57e9ed59cd469845ca010a5ba72d7862ae3996c2795b69e06f5a094ae4982a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35839
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 02:37:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23960
x-fb-rlafr: 0
pragma: public
x-fb-debug: GnAl3ufDu5i+0Lj169XzYxtueFuCLHNHfYQegwn5eKCcWqzTaIahHd6qgLt4xrVQhwNzCVBfO8olPJuf0fiLJA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 14 Apr 2021 02:37:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 21ms
6ms Script
application/x-javascript 2a02:26f0:7100:481::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 02:37:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=56692
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 38ms
17ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-694947897&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

dfc2eeec5ab4d463511d6b526df5780d24a025b829c72df0a1ab1ae8ac5b5b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
server: cafe
etag: 6528339781316092076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 02:37:28 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1354772&time=1618367848930&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1354772%26time%3D1618367848930%26url%3Dhttps%253A%252F%252Finsurance.ushur.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1354772&time=1618367848930&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&liSync=true

0
59 B

115ms
115ms

Image
application/javascript

2620:119:50e4:101::6cae:b55
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1354772&time=1618367848930&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e4:101::6cae:b55 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:29 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: s6rEDPyYdRawysjf/CoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
content-length: 0
x-li-uuid: mjuBBfyYdRaAjAt33SoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 0C86DE8626E14F24882D851A3CC4AF72 Ref B: FRAEDGE1114 Ref C: 2021-04-14T02:37:29Z
x-frame-options: sameorigin
date: Wed, 14 Apr 2021 02:37:28 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1354772&time=1618367848930&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 3110062025726442 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3110062025726442?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f39d86dcdd82a2abfaf2dd9c2d72a4b54cf1c742cb4354db7b0c4ab8f08318b4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74040
x-fb-rlafr: 0
pragma: public
x-fb-debug: jOUuH9UrUkXqtf0NarwCohyUaOGh/wkCABKQPyO9YsnoMoEnx7B21v0mpirVrO+aUm/kYfBzkO+Amw+SZSUw4g==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 14 Apr 2021 02:37:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3110062025726442&ev=PageView&dl=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&rl=&if=false&ts=1618367848973&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1618367848971.990148054&it=1618367848940&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 02:37:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 14 Apr 2021 02:37:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/694947897/ 2 KB
2 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694947897/?random=1618367848979&cv=9&fst=1618367848979&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3v0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&tiba=SmartMail%20%E2%80%93%20Ushur&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

032a29c40153ff68e7987c13ffd15e299d2646537f6c31510a9c365f5788ddbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 02:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/694947897/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/694947897/?random=1618367848979&cv=9&fst=1618365600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&tiba=SmartMail%20%E2%80%93%20Ushur&async=1&fmt=3&is_vtc=1&random=646542507&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 02:37:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/694947897/ 42 B
154 B 20ms
20ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/694947897/?random=1618367848979&cv=9&fst=1618365600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Finsurance.ushur.com%2Fsmartmail%2F&tiba=SmartMail%20%E2%80%93%20Ushur&async=1&fmt=3&is_vtc=1&random=646542507&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 02:37:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://insurance.ushur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEuCIqRgpW4PfSbG0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 14 Apr 2021 02:37:29 GMT
content-type: text/plain
access-control-allow-origin: https://insurance.ushur.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ushur.com/	1970-01-19 17:32:47	Name: _gat_gtag_UA_152421403_1 Value: 1
.ushur.com/	1970-01-19 17:34:14	Name: _gid Value: GA1.2.983240329.1618367848
.ushur.com/	1970-01-20 11:03:59	Name: _ga Value: GA1.2.788595000.1618367848

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://insurance.ushur.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	error	URL: https://js.hsforms.net/forms/v2.js(Line 1) Message: Couldn't find HubSpot form data. If this is an old form not being used, please consider removing the script

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
api.hubapi.com
connect.facebook.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.vimeocdn.com
insurance.ushur.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
ka-p.fontawesome.com
kit.fontawesome.com
player.vimeo.com
pro.fontawesome.com
px.ads.linkedin.com
snap.licdn.com
track.hubspot.com
vimeo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
142.250.185.130
151.101.112.217
151.101.114.109
151.101.192.217
151.139.128.8
2606:4700:20::ac43:4b5c
2606:4700::6810:5505
2606:4700::6810:a723
2606:4700::6811:46b0
2606:4700::6811:71b0
2606:4700::6811:b849
2606:4700::6811:cccc
2606:4700::6811:d6cc
2606:4700::6811:e7cc
2606:4700::6812:14bf
2606:4700::6812:1634
2606:4700::6812:1734
2606:4700::6813:9a53
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a02:26f0:7100:481::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.202.204
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032a29c40153ff68e7987c13ffd15e299d2646537f6c31510a9c365f5788ddbd
059fa5809310ddfd9f3552b9cb4b215fbf59afdf276b4ff83970c41fa0a4fa78
05f6fdac9e83c5cef7286e95523f62b0337e146962fff08cc7cc58a10b86893c
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f3327f42effa1ea75b9fa9ed056e87b76982d7813ac63b1a12272422b0d1dba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128684f31b23344239b648335676fa80bfffee1445b69e1d7469e22ead93ae34
13f3f41462f36d387de32fbdb88b38a4d4deaf1cbc92c5e0fe08e125c8faf247
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587
20b67291ad1721edd5fac898adefefc050321cbc959a8f2aab647c3ba47073f0
2265f49457f34d9a60ccc3cb64413eb32ebab15c0295dff67323a31a81b89cfb
2275bbafb383378133e642ac5065de9826358554863330d887cda43a834ee8c5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2727fbfa982d08fc080f494aef9828e520ed805a723680081ea47984c648dda9
2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd
323e1f815d13b9ac8c123380a2ae241e68bf608736b4aa20938e090be95bd40b
395b67bfc8c07f2348aca4d3879a35d42fa9c4849da9a4f4d14446920a6f13a8
3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772
408158e9168cbe126207857e5321ac509150ff6ee3ef392925f37f58af69ee83
42cdc6868cb5db524d79a736d9641e0022b7b318d28443cbd251be10575fef87
467da5837e65de73f2d80ee96d59d2f0c0f6503596fc026226e970387218cb87
48768b1e78c73e3ebca19ff7c7a75b473791d9563c4e768d4778084edde662be
492d8b0127b4ecdff2290e7bc522650850e00aaee2a8614a519f945c078dcca9
4e86312a3378b89f791cf9c9e32316f2a109cc5178ca5e0e8afcb8e6f433a71d
52cfa8ae2fbdc9fdf6f8bb7d08a39a418edd5761e74e4f7762db9bfd4d7a3177
58d32a39bff42d6e238265e8d259f7a5ccec2b66d524c3d7168c318650919e25
5ab6b9cb14f31676a40deeb62214e98bed822578d844de5a35f06f69ce3e3974
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cac3e287447033c21039ea4bafb5d018c7c9d5c8e6ca9200990484eb8e3c5dc
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61a277443b98ec9952f0a2afcda807c7bbde89dd43df6784b3315f42ebcfcf99
630d7c201ecbdb4bfd9f81c895bc0c3ab34dbb901e2435ba4448771926b5992f
64ec19da32c4383f47e9760d537b35eb435befe8ffbbc01390d8a8caf2323b40
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4cb0a0f35b929ddaf8137ac8e93fd6019359f6059c1002e1a8e338ce470089
6cf24f1278f448d998d8b504a47393a52ad860c62461df99591f858394a8e9b2
6d5f973ee0c0f066b862a660be25b1b4a4187f8501da9043d8e5ecb0c7162d4b
7fa3fdc68a63c284a8803e8d3b7912ef8f1fdb172a2032e538e36f318d32109b
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
8c21009ecabbee0f78560a5b9938b2083d2ff2ca487b7d9ed548752870ba8504
8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf
92fc469cfd622c04997bedf30964867b359ac93369fb1e38a286d510d8609df8
96edcb494c8229fad2940c5ce7b7180eba292c21cbfb7fbb0144d53168a38f08
987d07f2a8cb67450a77880693e3bd11c0fd4f20685360560280da6b4bc5e908
993570ba620f87245a19e7edd65e9e98f91a2eeffd850a86bdec1d861fdd3315
9b9103f583af32ae42aa810d01b2f41e3afa8e4b31b9d493ad5838880f2dc4e8
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9d2180d4feff6e18985190ee73afb16808b732c3782bff0ee4436ea2ca839059
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
a34e129ed3df3b2296abf74f041f034510a11a31b3243803164b86ffe83855d7
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b57e9ed59cd469845ca010a5ba72d7862ae3996c2795b69e06f5a094ae4982a1
b918c1c17aa8d9713f8e4f461bbeee07c152f669b94634dd91ed41a532dc4bf9
c860684a84455b195ae294596602a6a44a0a29470a66b69cff729d1952c84000
ce885aa8b86fb7d85992aae4435fb45b444f8d3919dca083c83a36d7600f96d7
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d60edcf5a80b4d74c240e99aa1f1a6b8c8071abc11b384ede4d437102811939d
d7c597787c27b17cb86dac6c0a152a09caaf15ce4c4b2a8a0ac833e2b680a4ce
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfc2eeec5ab4d463511d6b526df5780d24a025b829c72df0a1ab1ae8ac5b5b74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e992e9a48f1417f149b34618278c3e2a372811606cbd7c95247fb886260e4592
ec2e22fd918a8ffef0f54f466fb7edd2c586f39dad794cd25a0a97ce36c404d2
ec686d1012de783a5024affc9215692642a7b25af322ecc177062632902e6cd5
eebf081650dbba9480bcd67e6f12b8d1e8c2ecfc9a35cd755c723830a343bad6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39d86dcdd82a2abfaf2dd9c2d72a4b54cf1c742cb4354db7b0c4ab8f08318b4
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f71ac5e99ecb1f425ec66c5a3c9f9648546aab8096c3591a1015ddc9dce18013
f734d8ecda48e6d98faab2e1e9b91d6c5f72b86408ea6e2126d4b1681b92ef4c
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fc989692844e318883193e3511bc1cc0b40fc6281ec2426f2804a12300c93602
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

insurance.ushur.com Open in urlscan Pro 2606:4700:20::ac43:4b5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

81 %IPv6

26 Domains

33 Subdomains

30 IPs

2 Countries

2889 kBTransfer

6174 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

insurance.ushur.com Open in urlscan Pro
2606:4700:20::ac43:4b5c Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

81 %
IPv6

26
Domains

33
Subdomains

30
IPs

2
Countries

2889 kB
Transfer

6174 kB
Size

3
Cookies

90 HTTP transactions
0 data transactions