portal.nextinsurance.com Open in urlscan Pro
52.11.20.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url6221.nextinsurance.com/ls/click?upn=C84jusSxgLB8olrjAF1SyaC5cbY4kuR4AyuLNlWi9TPrdpylAoC8qEi4OlpXIsvh4ugEtYakAGdduDa1XxN...
Effective URL:
https://portal.nextinsurance.com/public/livecert/kb87mtzfv
Submission: On September 18 via manual (September 18th 2020, 11:12:04 pm UTC) from US

Summary HTTP 69 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 8 countries across 15 domains to perform 69 HTTP transactions. The main IP is 52.11.20.8, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is portal.nextinsurance.com.
TLS certificate: Issued by Amazon on May 11th 2020. Valid for: a year.

This is the only time portal.nextinsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
26	52.11.20.8 52.11.20.8	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	34.214.175.178 34.214.175.178	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	138.197.155.84 138.197.155.84	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1 9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
1	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
69	21

1 167.89.115.56 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

url6221.nextinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 52.11.20.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-20-8.us-west-2.compute.amazonaws.com

portal.nextinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.214.175.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-175-178.us-west-2.compute.amazonaws.com

track.nextinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.155.84 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prd-usage-1.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

nextinsurance.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nextinsurance.com 1 redirects url6221.nextinsurance.com portal.nextinsurance.com track.nextinsurance.com	1 MB
9	zdassets.com static.zdassets.com ekr.zdassets.com	563 KB
7	zendesk.com 1 redirects assets.zendesk.com nextinsurance.zendesk.com	3 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	google.com analytics.google.com www.google.com	931 B
3	google-analytics.com www.google-analytics.com	20 KB
3	facebook.net connect.facebook.net	83 KB
2	google.de www.google.de	1004 B
2	doubleclick.net stats.g.doubleclick.net	506 B
2	facebook.com 1 redirects www.facebook.com	604 B
2	googletagmanager.com www.googletagmanager.com	110 KB
2	fullstory.com edge.fullstory.com rs.fullstory.com	61 KB
2	survicate.com survey.survicate.com surveys-static.survicate.com	76 KB
2	trackjs.com cdn.trackjs.com usage.trackjs.com	9 KB
1	atdmt.com cx.atdmt.com	431 B
69	15

	Domain	Requested by
26	portal.nextinsurance.com	portal.nextinsurance.com cdn.trackjs.com
8	static.zdassets.com	assets.zendesk.com static.zdassets.com
6	nextinsurance.zendesk.com	assets.zendesk.com static.zdassets.com
4	fonts.googleapis.com	portal.nextinsurance.com surveys-static.survicate.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	portal.nextinsurance.com connect.facebook.net
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com cdn.trackjs.com
2	analytics.google.com	www.googletagmanager.com
2	www.facebook.com	1 redirects portal.nextinsurance.com
2	www.googletagmanager.com	portal.nextinsurance.com www.googletagmanager.com
1	ekr.zdassets.com	assets.zendesk.com
1	www.google.com
1	cx.atdmt.com
1	assets.zendesk.com	1 redirects
1	usage.trackjs.com
1	surveys-static.survicate.com	survey.survicate.com
1	rs.fullstory.com	cdn.trackjs.com
1	track.nextinsurance.com	portal.nextinsurance.com
1	edge.fullstory.com	portal.nextinsurance.com
1	survey.survicate.com	portal.nextinsurance.com
1	cdn.trackjs.com	portal.nextinsurance.com
1	url6221.nextinsurance.com	1 redirects
69	23

This site contains links to these domains. Also see Links.

Domain
track.nextinsurance.com

Subject Issuer	Validity	Valid
*.next-insurance.com Amazon	`2020-05-11` - `2021-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.trackjs.com RapidSSL RSA CA 2018	`2019-06-11` - `2021-09-09`	2 years	crt.sh
*.survicate.com Certum Domain Validation CA SHA2	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
edge.fullstory.com GTS CA 1D2	`2020-08-29` - `2020-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.fullstory.com Let's Encrypt Authority X3	`2020-08-01` - `2020-10-30`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-08-12` - `2020-11-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
nextinsurance.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
Frame ID: E188815B8723DBE6ED172A750BAEE3CE
Requests: 55 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 90278C9C5B448B003EC013E8778E777A
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.16859676571491710cf4.js
Frame ID: 387E5C241E37029703F7A6A1001DFC06
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://url6221.nextinsurance.com/ls/click?upn=C84jusSxgLB8olrjAF1SyaC5cbY4kuR4AyuLNlWi9TPrdpylAoC8qEi4OlpXIsv... HTTP 302
https://portal.nextinsurance.com/public/livecert/kb87mtzfv Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

69
Requests

100 %
HTTPS

52 %
IPv6

15
Domains

23
Subdomains

21
IPs

8
Countries

2248 kB
Transfer

7442 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://track.nextinsurance.com/?serial=65555

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url6221.nextinsurance.com/ls/click?upn=C84jusSxgLB8olrjAF1SyaC5cbY4kuR4AyuLNlWi9TPrdpylAoC8qEi4OlpXIsvh4ugEtYakAGdduDa1XxN3962psMchxsU3l-2FWVHA4PDJ0-3D3SVe_zTDgx8m0dcwsarrkt1PHsqyFGUidZNbG-2FbOymxsfJDzlYX8oJcqhNzYLs1LAKIRFAd1nHOFGBVRiwWxLXOG-2Bt4YlXYlYLZ713FpwwWWXMN51X-2FMUKtAqIGbKiEdYlM2eAs9GcGfd4SchPrFWNR7OVLh5pciifMAbpWr2edVlaesi340IKd4-2BhmdKCXihUsZ10mMY9ZHObCHyJFqkQs0Q3D-2Fc-2FZSsz15pxQ61oc8xf4F5WElJcPh64s3bCbh2QkWf-2FTEJQdqRi5THudDoX4ioxHjcso5FNUne0gPrBB02hPsbQSO9kHH7cbCJRV1twTysGAUbU8Y00-2BoqDoWRzcnm5iLCu4GoVUOmlF0m-2BKQCcModD2skDx5rVo4IuQHu0jYbdgrgeajgUe42WDfkFDky3mRm5z9Tq85UIMJmb60PZcE0VFAiameT64cu7cKvM9xi HTTP 302
https://portal.nextinsurance.com/public/livecert/kb87mtzfv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 26

https://www.facebook.com/tr/?id=266338727076376&ev=ViewContent&dl=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv&rl=&if=false&ts=1600470707697&sw=1600&sh=1200&ud[external_id]=5eca0e9d5588012db426b0bc60771a82&v=2.9.24&r=stable&ec=1&o=28&fbp=fb.1.1600470706801.31672020&it=1600470706713&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP 302
https://cx.atdmt.com/?c=7023474512961617447&f=AYzEYh_DGEZ6tGR20oVHu2BNZKyBK9WfZg-FODN6C-jKSVkifcb_Lrk_X5tOrCXAWXYL4woxxxlfliGnjCh-1tCD&id=266338727076376&l=3&v=0

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kb87mtzfv Show response
portal.nextinsurance.com/public/livecert/
Redirect Chain

http://url6221.nextinsurance.com/ls/click?upn=C84jusSxgLB8olrjAF1SyaC5cbY4kuR4AyuLNlWi9TPrdpylAoC8qEi4OlpXIsvh4ugEtYakAGdduDa1XxN3962psMchxsU3l-2FWVHA4PDJ0-3D3SVe_zTDgx8m0dcwsarrkt1PHsqyFGUidZNbG-2...
https://portal.nextinsurance.com/public/livecert/kb87mtzfv

515 KB
61 KB

722ms
341ms

Document
text/html

52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

781881e19f391b243dd86528c9c99ec1c965b6635f5cf5ecce6b22d4b4ced934

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: portal.nextinsurance.com
:scheme: https
:path: /public/livecert/kb87mtzfv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 18 Sep 2020 23:11:46 GMT
content-type: text/html; charset=utf-8
server: nginx
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/"80a0e-yWW7FvjDvkUt8YsjHDAtc+xByqo"
set-cookie: next-insurance-portal-http=s%3ALDCu-KEeWMCHn_jpaT5DRhpbnJn_k46m.vBHEWXTj7CR%2BZ3ODji5J%2B5sQLoGLSrsZzqLYAVIHJh4; Domain=.nextinsurance.com; Path=/; Expires=Sat, 19 Sep 2020 23:11:46 GMT; HttpOnly; SameSite=Lax
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 18 Sep 2020 23:11:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 81
Connection: keep-alive
Location: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
X-Robots-Tag: noindex, nofollow

GET
H2 200 icon
fonts.googleapis.com/ 574 B
419 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 23:11:46 GMT
server: ESF
date: Fri, 18 Sep 2020 23:11:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Sep 2020 23:11:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73ef437aba57c45c60a5cb896f5da02b4dc6542c0901269b40451bf4c9936b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 23:11:46 GMT
server: ESF
date: Fri, 18 Sep 2020 23:11:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Sep 2020 23:11:46 GMT

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 27 KB
9 KB 57ms
18ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2683dc981cbd559ef17fbd7335e9b65465c08c6541370256bc779fedf4d2afde

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:46 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 18:28:42 GMT
server: NetDNA-cache/2.2
x-amz-request-id: E18FFA0E6A27A0B3
etag: W/"42fcb690fbba9b25be9061f129cf8bef"
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: s-max-age=3600, max-age=604800, public
x-amz-meta-content-type: application/javascript
access-control-allow-origin: *
x-amz-id-2: NM4U9vBSK/GDBmkiHSX4yJ0cYCaxqRkdgn60EhWx3RS78BblIr28It2U/FNUFEtB1twGEu/eUM0=

GET
H2 200 scripts.js Show response
portal.nextinsurance.com/js/ 3 MB
601 KB 195ms
194ms Script
application/javascript 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/js/scripts.js?version=1600346118300

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6a56f44732804d6d8c005676c569c1e2d85d57dcf54f7d765100e8950c7a65ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:16:21 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"29e4d1-1749821b908"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/00ac576d5b79c14984ad184910153108/ 23 KB
5 KB 134ms
117ms Script
text/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/00ac576d5b79c14984ad184910153108/web_surveys.js
Requested by: Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e85cc4759623df12aed86935dcbda1dee0b10e5b109bb5303d30e32ad37dab4e

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 21:57:42 GMT
server: keycdn-engine
x-amz-request-id: 4B00F8ADD781C43E
x-edge-location: defr
etag: W/"2f3c628e48f7eccdeaf19b37a177dc5f"
x-cache: REVALIDATED
content-type: text/javascript
status: 200
cache-control: max-age=300
access-control-allow-origin: *
x-amz-version-id: 7.43NgUOrb_HhfselA5D4Djp4m1HXZHu
x-amz-id-2: 1/ev6XEdw4zjJFwMfnhYNioUYqk3pt/LSNuvzhu9AzWeWXKnLwcSNCinik9lSySLlE6ucS2uC/I=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp/reporting/
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: N8eYvrw1Yr3F8YN4jFvOQfeMsez4Yq6lQxtK9B6uh0rZODBJeWiR5Hha9UarawHJXq3XcgxjejuXR6FpLtqPqA==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Fri, 18 Sep 2020 23:11:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp/reporting/
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 201 KB
61 KB 85ms
27ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d7b38fb952a78e6eb880a5bd612db89e572edf28a14f63830744bd97856e5dc5

Request headers

Origin: https://portal.nextinsurance.com
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:10:38 GMT
content-encoding: gzip
age: 68
x-guploader-uploadid: ABg5-Uyrm5NqLV3ca_v2wL4lYK2MQQmOARqVBKB2kmIv3K3pkxxQu3STBCWgu1x0RtgrgVtoKm0hkxwPHcMn1aGx6Aw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 61619
last-modified: Wed, 09 Sep 2020 14:43:45 GMT
server: UploadServer
etag: "2d5677ac529501af1cd3b383127ad5df"
x-goog-hash: crc32c=vmbjRA==, md5=LVZ3rFKVAa8c07ODEnrV3w==
x-goog-generation: 1599662625306900
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 61619
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 18 Sep 2020 23:20:38 GMT

GET
H2 200 tracking.js Show response
track.nextinsurance.com/ 17 KB
5 KB 626ms
234ms Script
text/javascript 34.214.175.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.nextinsurance.com/tracking.js?ref=direct&url=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.175.178 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-175-178.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

45a9b56e8a900f2edd912c2af75610639134faa0efd2fed0923faabbc80d2758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains;
expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 267 KB
63 KB 58ms
37ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F3BBB

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a35587d298aaded751c5e773aaebd2e579bbf20693dd3b4d4847d469ee26748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:46 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63622
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Sep 2020 23:11:46 GMT

GET
H2 200 266338727076376 Show response
connect.facebook.net/signals/config/ 151 KB
38 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/266338727076376?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b55349166e585ba1e01dcffe1a318ae173f47ca7068e284cfd438bbabeb31234

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: SW5gsSMdktxRvjcv/vttIVvKc1HetNwCgf/NDtICC19HcfPSw9QVSkqC/tkU7cvbfan9aF2LMWdVSGR8XRfB5g==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Fri, 18 Sep 2020 23:11:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
379 B 23ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=266338727076376&ev=PageView&dl=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv&rl=&if=false&ts=1600470706801&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=28&fbp=fb.1.1600470706801.31672020&it=1600470706713&coo=false&rqm=GET

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 18 Sep 2020 23:11:46 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 54 B
235 B 192ms
134ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

f07df91948dc4257cbf71508d725fea21a67da6bc5f95783def23975772b10e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Sep 2020 23:11:46 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 54

GET
H2 200 widget_core-7.3.3.js Show response
surveys-static.survicate.com/ 222 KB
71 KB 25ms
10ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-7.3.3.js
Requested by: Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/00ac576d5b79c14984ad184910153108/web_surveys.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: f368ab5c1cb787b3c733eda733f16d0325300879f92c39f0f71d7ed3e63450b3

Request headers

Origin: https://portal.nextinsurance.com
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 977D7B2CDA8F56AD
x-edge-location: defr
x-cache: HIT
status: 200
x-amz-id-2: V2X196XIfbhAdxiJd1edMG9jJBAV9U/i7TfhbyKM/xRZ6DyQzrfSOo3K9SzwKZzzdkDPHmC4wPk=
last-modified: Tue, 15 Sep 2020 08:41:03 GMT
server: keycdn-engine
etag: W/"7ebffadf501164dec16ba372c0138762"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2629743

GET
H3-Q050 200 css
fonts.googleapis.com/ 7 KB
766 B 37ms
23ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95acaf0bed68db88e1ae25709e6852b96d1c674fa7ac87de260d7d0445664f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 22:00:50 GMT
server: ESF
date: Fri, 18 Sep 2020 23:11:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Sep 2020 23:11:46 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: surveys-static.survicate.com
URL: https://surveys-static.survicate.com/widget_core-7.3.3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1eca3e676d16bba8d764e1b9bfef2a48e32cba9f1a18fb57a18c08123485003f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 22:02:03 GMT
server: ESF
date: Fri, 18 Sep 2020 23:11:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Sep 2020 23:11:46 GMT

POST
H2 200 create-user-interaction Show response
portal.nextinsurance.com/api/tracking/ 18 B
1 KB 245ms
245ms XHR
application/json 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/api/tracking/create-user-interaction

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
content-length: 18
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"12-+oaPqGE6VvxiAxfS3CHHmux2NUE"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: -1

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 305ms
101ms Image
image/gif 138.197.155.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=d3a9dc91517b42178680e3cf2d39ea88&correlationId=7a2af442-b4f1-4f8c-a086-cc78119e6e65&application=portal-prod&x=4fa4b09b-6b60-42ed-b2d5-1e3004acbbc7&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prd-usage-1.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 23:11:47 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 42ms
28ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8BR8Q0LTNX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F3BBB

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2744b5fe7463ef5a6448ff003fc77ecb8c103ad0765b4c90871ccb8b0f9ed91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48433
x-xss-protection: 0
expires: Fri, 18 Sep 2020 23:11:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F3BBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2286
date: Fri, 18 Sep 2020 22:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 19 Sep 2020 00:33:41 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 43 KB
11 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.24

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10760
x-xss-protection: 0
pragma: public
x-fb-debug: djyogcTWIAscLK5wmMExZRDgQhK3iTn44HDmfE7241vqAJopOKsf1Efdkq1RUCHn2vLpjCq3+aCgbRfqa+XOYA==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Fri, 18 Sep 2020 23:11:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 9027
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

75ms
31ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 11621FB8B831F9A2
x-amz-id-2: wGMbvysWEJGKb+mVOqpSDnl9Fj9CF9Uy6T8niHXsYjMisoe4Mw8ps7WgxAJMLO9vJfuCsfkdRcM=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sY6Zq5SXmxNkbgD1V_h8h9T.ZhWYQwC3
cf-request-id: 05451606490000a8732d9eb200000001
cf-ray: 5d4ebf83aed6a873-CDG

Redirect headers

date: Fri, 18 Sep 2020 23:11:47 GMT
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 5d4ebf833e6eb7c3-CDG
cf-request-id: 05451606070000b7c34b030200000001
expires: Sat, 19 Sep 2020 00:11:47 GMT

GET
H2 200 abtests Show response
portal.nextinsurance.com/api/ 2 B
614 B 216ms
215ms XHR
application/json 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/api/abtests?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
expires: -1

GET
H2 200 notifications.component.html Show response
portal.nextinsurance.com/templates/components/notifications/ 443 B
1 KB 196ms
196ms XHR
text/html 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/templates/components/notifications/notifications.component.html?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2107d2fab5a434a37aaba03841c43c48b50ae9fcf1a23da32717b748595321e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 443
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"1bb-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 footer.component.html Show response
portal.nextinsurance.com/templates/components/footer/ 292 B
899 B 197ms
197ms XHR
text/html 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/templates/components/footer/footer.component.html?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1adbb238975ea76af32d6fe84fcac6fa8f3716584a588f5c2f64828c89ed3d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 292
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"124-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 overlay.component.html Show response
portal.nextinsurance.com/templates/components/overlay/ 344 B
951 B 197ms
197ms XHR
text/html 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/templates/components/overlay/overlay.component.html?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

38ba656d85ee44e4fb93d594560c25a30ccc9576c9340bf88334cc231e0ad516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 344
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"158-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

POST
H2 200 kb87mtzfv Show response
portal.nextinsurance.com/api/livecert/ 1 KB
2 KB 1063ms
1063ms XHR
application/json 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/api/livecert/kb87mtzfv?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

45eb9f63dd64d70e4ca5275bf8740fa34c02a08292319f5055aa24b24f339d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"5c4-is87Kb/PnhoGX94uEg3fdozlCwk"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: -1

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=266338727076376&ev=ViewContent&dl=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv&rl=&if=false&ts=1600470707697&sw=1600&sh=1200&ud[external_id...
https://cx.atdmt.com/?c=7023474512961617447&f=AYzEYh_DGEZ6tGR20oVHu2BNZKyBK9WfZg-FODN6C-jKSVkifcb_Lrk_X5tOrCXAWXYL4woxxxlfliGnjCh-1tCD&id=266338727076376&l=3&v=0

43 B
431 B

39ms
24ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=7023474512961617447&f=AYzEYh_DGEZ6tGR20oVHu2BNZKyBK9WfZg-FODN6C-jKSVkifcb_Lrk_X5tOrCXAWXYL4woxxxlfliGnjCh-1tCD&id=266338727076376&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: /Oz12xbxBrzFSMpqUB8zkfZ+nlY62PLrXW7MgwubUZS7DW+dbyQBxrepc6d6zUqi5SJs1EhqMtFN/KeOtANReA==
content-encoding: br
x-content-type-options: nosniff
date: Fri, 18 Sep 2020 16:11:47 PDT
x-frame-options: DENY
content-type: image/gif
status: 200
cache-control: public, max-age=0
vary: Accept-Encoding
expires: Fri, 18 Sep 2020 16:11:47 PDT

Redirect headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=7023474512961617447&f=AYzEYh_DGEZ6tGR20oVHu2BNZKyBK9WfZg-FODN6C-jKSVkifcb_Lrk_X5tOrCXAWXYL4woxxxlfliGnjCh-1tCD&id=266338727076376&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 22:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2704
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 18 Sep 2020 23:26:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
365 B 33ms
12ms Other
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8BR8Q0LTNX&gtm=2oe990&_p=2062671397&sr=1600x1200&_gaz=1&ul=en-us&cid=1998646156.1600470708&_s=1&dl=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv&dr=&dt=Next%20Insurance%20Customer%20Portal&sid=1600470707&sct=1&seg=0&en=page_view&_fv=2&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BR8Q0LTNX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
46 B 41ms
15ms Other
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8BR8Q0LTNX&cid=1998646156.1600470708&gtm=2oe990&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BR8Q0LTNX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
513 B 36ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8BR8Q0LTNX&cid=1998646156.1600470708&gtm=2oe990&aip=1&z=611528676

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
460 B 28ms
14ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-76835820-1&cid=1998646156.1600470708&jid=1184915289&gjid=841097889&_gid=520390559.1600470708&_u=aGBAgEALAAAAAE~&z=707246013

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Sep 2020 23:11:47 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
189 B 6ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=2062671397&t=pageview&_s=1&dl=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv&ul=en-us&de=UTF-8&dt=Next%20Insurance%20Customer%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=1184915289&gjid=841097889&cid=1998646156.1600470708&tid=UA-76835820-1&_gid=520390559.1600470708&gtm=2wg9905F3BBB&z=1006189295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 16:42:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23337
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
513 B 38ms
18ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-76835820-1&cid=1998646156.1600470708&jid=1184915289&_u=aGBAgEALAAAAAE~&z=1113266612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
491 B 39ms
25ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-76835820-1&cid=1998646156.1600470708&jid=1184915289&_u=aGBAgEALAAAAAE~&z=1113266612

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nextinsurance.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 9027 803 B
838 B 862ms
820ms XHR
application/json 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/nextinsurance.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0419c128c581bb9023a945fcfbd6ec5b9fbe065643a36846d164c8ec1bf055ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 05451606990000cdb34e9bd200000001
x-request-id: ec436c01-a97f-49f2-9cfc-6e73aca98fd2
x-runtime: 0.003616
server: cloudflare
etag: W/"0419c128c581bb9023a945fcfbd6ec5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 5d4ebf842844cdb3-CDG

GET
H2 200 circle-check.svg
portal.nextinsurance.com/assets/img/ 445 B
1 KB 193ms
192ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/circle-check.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e9f058f4b35954ba92b2b23323918ac3dafb11e98684a8711fae50c9a2068cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 445
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"1bd-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 circle-excl.svg
portal.nextinsurance.com/assets/img/ 404 B
1004 B 197ms
197ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/circle-excl.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

28bab8ee407c5c22bfc399787f73fd0bebc24f8f86d93fba1d1f7914a4d37ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 404
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"194-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 OpenSans-Regular.ttf
portal.nextinsurance.com/assets/fonts/Open_Sans/ 212 KB
214 KB 194ms
194ms Font
application/x-font-ttf 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/assets/fonts/Open_Sans/OpenSans-Regular.ttf?corsbuster=true

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://portal.nextinsurance.com
Referer: https://portal.nextinsurance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin
content-length: 217276
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"350bc-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/x-font-ttf
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 preload.16859676571491710cf4.js Show response
static.zdassets.com/web_widget/latest/ Frame 387E 61 KB
18 KB 86ms
84ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.16859676571491710cf4.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7dcbbd74e3680c5a5b7570322e617e85a2fdcdf29f5fd6a51d042fe6d48a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 336649
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 313AF4EF8777B391
x-amz-id-2: 9YDqcshHb1wgZk8vfQ/MXw+5RFYoBfNS8kRHwiTOtl8YPfgJI55DDK/IZaeqgM9+vW2axI6pCWk=
last-modified: Mon, 14 Sep 2020 09:12:27 GMT
server: cloudflare
etag: W/"fc3691a8be022e4269c37edc166f99b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FZFVNFnzC3ECXd9OEHbkpB4RYG721Qrt
cf-request-id: 05451609d50000a8732d9f9200000001
cf-ray: 5d4ebf895925a873-CDG
expires: Tue, 14 Sep 2021 09:12:26 GMT

GET
H2 200 vendors~web_widget.af1f4c14418f7f4d7688.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 387E 1 MB
282 KB 28ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.af1f4c14418f7f4d7688.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e728574e3c99e4633a84fff1ca0df9d61021667f0627a3522f849c3eb468a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9173
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 256FE625A4DD860F
x-amz-id-2: YeOt5gOd3FK26B/dxsgCx0UQ9mSU9jjANjKYdgTWmF1U+K+xWYVloNQsB9picek+wCdR7XLhWkI=
last-modified: Mon, 14 Sep 2020 09:12:28 GMT
server: cloudflare
etag: W/"ff02a002dde49d70e6fa9965cd35be6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: hfm6Jx83crjEGFAcGr69w_TyvM2zdxrs
cf-request-id: 05451609d50000a8732d9fa200000001
cf-ray: 5d4ebf895926a873-CDG
expires: Tue, 14 Sep 2021 09:12:27 GMT

GET
H2 200 web_widget.568b522fa8cb030edc09.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 387E 851 KB
163 KB 90ms
89ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.568b522fa8cb030edc09.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ebeb3a6e3693538ceffc46b6d86f870d999d8a8ebb1da8c657f91a11d17480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 336649
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 983DDC9D92E10DB2
x-amz-id-2: jgyVhHFPsuJdf3sboUOKE8Li6M1FQLsDlygWdJK9dmgajspCLpefhnIcpW56FKsIJl6kV8XUZGI=
last-modified: Mon, 14 Sep 2020 09:12:29 GMT
server: cloudflare
etag: W/"7ad255afa021e10fd4cefd53a61d5066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: .VQ75Vc.OSr7FlsCDy3XXSbxGI0ZVqo5
cf-request-id: 05451609d60000a8732d9fb200000001
cf-ray: 5d4ebf895927a873-CDG
expires: Tue, 14 Sep 2021 09:12:28 GMT

GET
H2 200 chat-sdk.cec40ba63b2a85de0a9c.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 387E 257 KB
50 KB 65ms
64ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.cec40ba63b2a85de0a9c.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2515087
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 69DD04E12522584E
x-amz-id-2: isDdTLLSljMAhPO0R/m0RBcaKG2lyrXbse25xu6KWXST6yG+P26U1ZMvehs8+rXAHpWe+Qng3o0=
last-modified: Wed, 19 Aug 2020 06:58:31 GMT
server: cloudflare
etag: W/"c7b786c485c50d3373906fb0a543389a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: mwVXeXYGLYBCbG2HuQBuvLv8hHjtm5fc
cf-request-id: 05451609d60000a8732d9fc200000001
cf-ray: 5d4ebf895928a873-CDG
expires: Thu, 19 Aug 2021 06:58:30 GMT

GET
H2 200 talk-sdk.a78cdd8b4495e55b4f0a.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 387E 57 KB
18 KB 33ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/talk-sdk.a78cdd8b4495e55b4f0a.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911245e9a32d617b8b908d8e742522fa9ed193aae41570cdb80b263517e453cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6415324
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 52992564E3B14A0D
x-amz-id-2: PB55UKFiSEcQgreCH6/rhrjE2CMZwMkQdjkZEQFtf6xIMGU2FDZdWThzncgjGmzNtQq/c41OUh8=
last-modified: Mon, 06 Jul 2020 06:40:52 GMT
server: cloudflare
etag: W/"dd6b4b79adcd15cd09f88b9f6a39d8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: YAKbmvjZ0_.8UmqGhqJ43nhMr_qhec7D
cf-request-id: 05451609d60000a8732d9fd200000001
cf-ray: 5d4ebf895929a873-CDG
expires: Tue, 06 Jul 2021 06:40:51 GMT

GET
H2 200 navigation.main.blank.html Show response
portal.nextinsurance.com/templates/ 231 B
837 B 190ms
189ms XHR
text/html 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/templates/navigation.main.blank.html?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f404b99f0a725babc9337a8b1ac80b06ac8e4ea962c07dc6b3cc8a6e4b81eb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 231
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"e7-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 config Show response
nextinsurance.zendesk.com/embeddable/ Frame 9027 686 B
1 KB 196ms
145ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nextinsurance.zendesk.com/embeddable/config

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2757568eda6a56b1d1418806150cf41ce31622c0ac996bf811bb3cee5281c279

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
vary: Origin, Accept-Encoding
cf-request-id: 0545160a6a0000cd9bd72a0200000001
x-request-id: 5d4ebf8a4da5cd9b-IAD
x-runtime: 0.002043
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-7d56c4c8ff-x6j6q
cf-ray: 5d4ebf8a4da5cd9b-CDG

GET
H2 200 logo.svg
portal.nextinsurance.com/assets/logos/ 5 KB
3 KB 191ms
191ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/logos/logo.svg

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3d5c53952f620f95dcc2e045026dcc285f4e28b6fc8801a3518873d0b6dd8fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"1323-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 e-certificate.component.html Show response
portal.nextinsurance.com/templates/components/e-certificate/ 5 KB
2 KB 187ms
186ms XHR
text/html 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/templates/components/e-certificate/e-certificate.component.html?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4461bfd20176b18bfbef331e13077b3d481133e433fe285728abed91ab9319c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"13ef-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

POST
H2 200 create-user-interaction Show response
portal.nextinsurance.com/api/tracking/ 18 B
1 KB 197ms
196ms XHR
application/json 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/api/tracking/create-user-interaction?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
content-length: 18
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"12-+oaPqGE6VvxiAxfS3CHHmux2NUE"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: -1

GET
H2 200 en-us-json.cc8e73e5fe307bb27426.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 387E 25 KB
5 KB 27ms
26ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.cc8e73e5fe307bb27426.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.16859676571491710cf4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5077037
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 7371859460D02ADE
x-amz-id-2: ZZnse1hOUazVY8jiHj9eiOhRUo4FmJY5SDPyjPkLEk2wu1r8GYGjwk5We88DUjbLwJVzUZ8hYDA=
last-modified: Wed, 22 Jul 2020 04:05:08 GMT
server: cloudflare
etag: W/"c94e458331968060067c4539f118fd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 5EVM6Ae5ZeloER_IP_K91Z5iUqcAli8n
cf-request-id: 0545160b2c0000a8732da02200000001
cf-ray: 5d4ebf8b7a01a873-CDG
expires: Thu, 22 Jul 2021 04:05:07 GMT

GET
H2 200 embeddable_blip Show response
nextinsurance.zendesk.com/ Frame 387E 0
251 B 139ms
139ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextinsurance.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ6RS5oaWRlIiwibGFiZWwiOm51bGwsInZhbHVlIjp7ImFyZ3MiOm51bGx9fSwiYnVpZCI6IjMyNDk4ODQ2NDE0YzY3NzRjYzA0MGY2NWIyYmFmYWE1Iiwic3VpZCI6IjE1NjE4YTQ3YzdiOTNlZWZiNGY1ZjAwODg1ZWU1YWMxIiwidmVyc2lvbiI6IjdjZWI5ZTMzOCIsInRpbWVzdGFtcCI6IjIwMjAtMDktMThUMjM6MTE6NDkuMDM2WiIsInVybCI6Imh0dHBzOi8vcG9ydGFsLm5leHRpbnN1cmFuY2UuY29tL3B1YmxpYy9saXZlY2VydC9rYjg3bXR6ZnYifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.af1f4c14418f7f4d7688.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5d4ebf8b8ffccd9b-CDG
cf-request-id: 0545160b370000cd9bd72aa200000001

GET
H2 200 embeddable_blip Show response
nextinsurance.zendesk.com/ Frame 387E 0
254 B 472ms
472ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextinsurance.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQ6b24ub3BlbiIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6eyJhcmdzIjoiPGNhbGxiYWNrIGZ1bmN0aW9uPiJ9fSwiYnVpZCI6IjMyNDk4ODQ2NDE0YzY3NzRjYzA0MGY2NWIyYmFmYWE1Iiwic3VpZCI6IjE1NjE4YTQ3YzdiOTNlZWZiNGY1ZjAwODg1ZWU1YWMxIiwidmVyc2lvbiI6IjdjZWI5ZTMzOCIsInRpbWVzdGFtcCI6IjIwMjAtMDktMThUMjM6MTE6NDkuMDM5WiIsInVybCI6Imh0dHBzOi8vcG9ydGFsLm5leHRpbnN1cmFuY2UuY29tL3B1YmxpYy9saXZlY2VydC9rYjg3bXR6ZnYifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.af1f4c14418f7f4d7688.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5d4ebf8b8ffdcd9b-CDG
cf-request-id: 0545160b380000cd9bd72ab200000001

GET
H2 200 embeddable_blip Show response
nextinsurance.zendesk.com/ Frame 387E 0
252 B 165ms
164ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextinsurance.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQ6b24uY2hhdDpzdGFydCIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6eyJhcmdzIjoiPGNhbGxiYWNrIGZ1bmN0aW9uPiJ9fSwiYnVpZCI6IjMyNDk4ODQ2NDE0YzY3NzRjYzA0MGY2NWIyYmFmYWE1Iiwic3VpZCI6IjE1NjE4YTQ3YzdiOTNlZWZiNGY1ZjAwODg1ZWU1YWMxIiwidmVyc2lvbiI6IjdjZWI5ZTMzOCIsInRpbWVzdGFtcCI6IjIwMjAtMDktMThUMjM6MTE6NDkuMDQwWiIsInVybCI6Imh0dHBzOi8vcG9ydGFsLm5leHRpbnN1cmFuY2UuY29tL3B1YmxpYy9saXZlY2VydC9rYjg3bXR6ZnYifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.af1f4c14418f7f4d7688.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5d4ebf8b8fffcd9b-CDG
cf-request-id: 0545160b380000cd9bd72ac200000001

GET
H2 200 embeddable_blip Show response
nextinsurance.zendesk.com/ Frame 387E 0
575 B 136ms
136ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextinsurance.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQ6b24uY2hhdDplbmQiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6IjxjYWxsYmFjayBmdW5jdGlvbj4ifX0sImJ1aWQiOiIzMjQ5ODg0NjQxNGM2Nzc0Y2MwNDBmNjViMmJhZmFhNSIsInN1aWQiOiIxNTYxOGE0N2M3YjkzZWVmYjRmNWYwMDg4NWVlNWFjMSIsInZlcnNpb24iOiI3Y2ViOWUzMzgiLCJ0aW1lc3RhbXAiOiIyMDIwLTA5LTE4VDIzOjExOjQ5LjA0MFoiLCJ1cmwiOiJodHRwczovL3BvcnRhbC5uZXh0aW5zdXJhbmNlLmNvbS9wdWJsaWMvbGl2ZWNlcnQva2I4N210emZ2In0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.af1f4c14418f7f4d7688.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5d4ebf8b8802cd9b-CDG
cf-request-id: 0545160b380000cd9bd72ad200000001

GET
H2 200 embeddable_blip Show response
nextinsurance.zendesk.com/ Frame 387E 0
251 B 143ms
143ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextinsurance.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vcG9ydGFsLm5leHRpbnN1cmFuY2UuY29tLyIsInRpbWUiOjYzLCJsb2FkVGltZSI6bnVsbCwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6Ik5leHQgSW5zdXJhbmNlIEN1c3RvbWVyIFBvcnRhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiMzI0OTg4NDY0MTRjNjc3NGNjMDQwZjY1YjJiYWZhYTUiLCJzdWlkIjoiMTU2MThhNDdjN2I5M2VlZmI0ZjVmMDA4ODVlZTVhYzEiLCJ2ZXJzaW9uIjoiN2NlYjllMzM4IiwidGltZXN0YW1wIjoiMjAyMC0wOS0xOFQyMzoxMTo0OS4wOThaIiwidXJsIjoiaHR0cHM6Ly9wb3J0YWwubmV4dGluc3VyYW5jZS5jb20vcHVibGljL2xpdmVjZXJ0L2tiODdtdHpmdiJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.af1f4c14418f7f4d7688.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5d4ebf8be889cd9b-CDG
cf-request-id: 0545160b730000cd9bd72b1200000001

POST
H2 200 create-user-interaction Show response
portal.nextinsurance.com/api/tracking/ 18 B
1 KB 192ms
191ms XHR
application/json 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/api/tracking/create-user-interaction?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
content-length: 18
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"12-+oaPqGE6VvxiAxfS3CHHmux2NUE"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: -1

GET
H2 200 eCertificate.overlay.html Show response
portal.nextinsurance.com/templates/ 1 KB
1 KB 188ms
188ms XHR
text/html 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/templates/eCertificate.overlay.html?version=1600346118300

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ac7756fcc4469f26dc51986c658c35e6fa04cc57ce9e1059dc204687f9bde77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
max-age: 31536000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"48d-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07a574c35e45668e24d6c5ba94e5e2967876373bd9417d8de5b868c86237e334

Request headers

Origin: https://portal.nextinsurance.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 OpenSans-SemiBold.ttf
portal.nextinsurance.com/assets/fonts/Open_Sans/ 216 KB
217 KB 215ms
213ms Font
application/x-font-ttf 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/assets/fonts/Open_Sans/OpenSans-SemiBold.ttf?corsbuster=true

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b4c2050b25d3d296d5cf58589ca00816dc72df42262c2f629d5c6a984a161aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://portal.nextinsurance.com
Referer: https://portal.nextinsurance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin
content-length: 221164
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"35fec-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/x-font-ttf
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 Montserrat-SemiBold.ttf
portal.nextinsurance.com/assets/fonts/Montserrat/ 188 KB
189 KB 190ms
188ms Font
application/x-font-ttf 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.nextinsurance.com/assets/fonts/Montserrat/Montserrat-SemiBold.ttf?corsbuster=true

Requested by

Host: portal.nextinsurance.com
URL: https://portal.nextinsurance.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d26efb0dcc5b153bb38c8600fe0e5c3ed3ee2c8be163e73d30fd99ad691cf010

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://portal.nextinsurance.com
Referer: https://portal.nextinsurance.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Origin
content-length: 192268
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"2ef0c-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: application/x-font-ttf
access-control-allow-origin: https://portal.nextinsurance.com
access-control-expose-headers: Accept,Accept-Charset,Accept-Datetime,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Length,Content-MD5,Content-Range,Content-Type,Cookie,DNT,Date,Expect,Forwarded,From,Front-End-Https,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Keep-Alive,Max-Forwards,Origin,Pragma,Proxy-Authorization,Proxy-Connection,Range,Referer,TE,Upgrade,User-Agent,User-Agent,Via,Warning,X-ATT-DeviceId,X-Cloudfront-Request,X-Correlation-ID,X-Csrf-Token,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,X-Http-Method-Override,X-Real-IP,X-Request-ID,X-Requested-With,X-UIDH,X-Wap-Profile
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 new-shield.svg
portal.nextinsurance.com/assets/img/ 790 B
1 KB 215ms
214ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/new-shield.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

feb2a897a8fdd22ddb5ff9977bc3cd59c3cba276217d3ac8cc9789efee8ddd0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 790
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"316-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 ann-signature.png
portal.nextinsurance.com/assets/img/ 2 KB
3 KB 191ms
190ms Image
image/png 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/ann-signature.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9f2a457d96cd89449050416e6c3133785bbba43e0b68b890b5f3e6982c2d26a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
etag: W/"95e-1749820af68"
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
status: 200
cache-control: public, max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 2398
x-xss-protection: 1; mode=block

GET
H2 200 expired-policy.svg
portal.nextinsurance.com/assets/img/ 705 B
1 KB 215ms
214ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/expired-policy.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f4b58340d3faf69f61d6f211ae73d9e4b03fb0f78612421af0aa2fcde906b8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 705
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"2c1-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 safe-phone-v2.svg
portal.nextinsurance.com/assets/img/ 1 KB
1 KB 191ms
187ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/safe-phone-v2.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fd85a0dc09955b20af5c4b3f6d1d3ac5823206b0dcc3a789feaa8336c5f3c258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"45f-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 share-small.svg
portal.nextinsurance.com/assets/img/ 1 KB
1 KB 193ms
189ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/share-small.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

01674595af7d7bbfc71e95c917d87ce9852bf8f6f9b103cae9ae4b8da2ee3d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"59f-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 bullseye-small.svg
portal.nextinsurance.com/assets/img/ 629 B
1 KB 189ms
188ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/bullseye-small.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

dfad84bc50ab406df1367b27f1f02f9c45dcf55e6f28103d62bb11772e7cc355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
content-length: 629
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"275-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 safe-laptop-small.svg
portal.nextinsurance.com/assets/img/ 1 KB
1 KB 190ms
190ms Image
image/svg+xml 52.11.20.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.nextinsurance.com/assets/img/safe-laptop-small.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.20.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-20-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a53f1cbe8bf2fd72a3d2bd910af892dcb9a08afaa03ab2e4a5a376ad6a178424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Sep 2020 18:15:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"423-1749820af68"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 387E 19 KB
20 KB 53ms
52ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 18 Sep 2020 23:11:49 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: EDE34CB1D629AB46
x-amz-server-side-encryption: AES256
cf-ray: 5d4ebf8f3b52a873-CDG
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: Q65iS68aepLwLrhoeSG4rcxdAX+itXbFXtk8DPRbmPGQ96QBDEeQPuIMVtKS2c35JYp1Fdl3tyY=
Content-Range: bytes 0-19697/19698
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 0545160d800000a8732da0e200000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
53 B 12ms
12ms Other
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8BR8Q0LTNX&gtm=2oe990&_p=2062671397&sr=1600x1200&ul=en-us&cid=1998646156.1600470708&_s=2&dl=https%3A%2F%2Fportal.nextinsurance.com%2Fpublic%2Flivecert%2Fkb87mtzfv&dr=&dt=Next%20Insurance%20Customer%20Portal&sid=1600470707&sct=1&seg=0&en=scroll&_et=6&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BR8Q0LTNX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.nextinsurance.com/public/livecert/kb87mtzfv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 23:11:52 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://portal.nextinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nextinsurance.com/	1970-01-19 12:34:30	Name: _dc_gtm_UA-76835820-1 Value: 1
.nextinsurance.com/	1970-01-19 12:35:57	Name: _gid Value: GA1.2.520390559.1600470708
.nextinsurance.com/	1970-01-25 20:31:23	Name: first-visit Value: 1600470707168
.nextinsurance.com/	1970-01-20 06:05:42	Name: _ga Value: GA1.1.1998646156.1600470708
.nextinsurance.com/	1970-01-19 17:22:30	Name: tracking-id Value: ee1e02f54344c6d29db2a2f4b931e567
.nextinsurance.com/	1970-01-19 17:22:30	Name: next-insurance Value: 5eca0e9d5588012db426b0bc60771a82
portal.nextinsurance.com/	1969-12-31 23:59:59	Name: TV_Campaign_6_2020 Value: 2
.nextinsurance.com/	1970-01-19 12:35:57	Name: next-insurance-http Value: s%3AUUbittbIHYrket7RKRMyETsqskby0NQ1.clgToW2fo9erasPC9raZPjxTV3Mh7Y077%2Bz4l8pUs3Y
.nextinsurance.com/	1970-01-19 14:44:06	Name: _fbp Value: fb.1.1600470706801.31672020
.nextinsurance.com/	1970-01-20 06:05:42	Name: _ga_8BR8Q0LTNX Value: GS1.1.1600470707.1.0.1600470707.60
.nextinsurance.com/	1970-01-19 12:35:57	Name: next-insurance-portal-http Value: s%3ALDCu-KEeWMCHn_jpaT5DRhpbnJn_k46m.vBHEWXTj7CR%2BZ3ODji5J%2B5sQLoGLSrsZzqLYAVIHJh4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://portal.nextinsurance.com/public/livecert/kb87mtzfv(Line 15) Message: Server properties loaded correctly
console-api	log	URL: https://cdn.trackjs.com/agent/v3/latest/t.js(Line 13) Message: Document is visible.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
assets.zendesk.com
cdn.trackjs.com
connect.facebook.net
cx.atdmt.com
edge.fullstory.com
ekr.zdassets.com
fonts.googleapis.com
nextinsurance.zendesk.com
portal.nextinsurance.com
rs.fullstory.com
static.zdassets.com
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
track.nextinsurance.com
url6221.nextinsurance.com
usage.trackjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.71.113
138.197.155.84
167.89.115.56
2a00:1450:4001:809::2003
2a00:1450:4001:816::200e
2a00:1450:4001:818::2004
2a00:1450:4001:818::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c09::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
34.214.175.178
35.186.194.58
35.201.112.186
52.11.20.8
94.31.29.32
01674595af7d7bbfc71e95c917d87ce9852bf8f6f9b103cae9ae4b8da2ee3d4d
0419c128c581bb9023a945fcfbd6ec5b9fbe065643a36846d164c8ec1bf055ad
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07a574c35e45668e24d6c5ba94e5e2967876373bd9417d8de5b868c86237e334
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
1adbb238975ea76af32d6fe84fcac6fa8f3716584a588f5c2f64828c89ed3d64
1eca3e676d16bba8d764e1b9bfef2a48e32cba9f1a18fb57a18c08123485003f
2107d2fab5a434a37aaba03841c43c48b50ae9fcf1a23da32717b748595321e7
2683dc981cbd559ef17fbd7335e9b65465c08c6541370256bc779fedf4d2afde
2744b5fe7463ef5a6448ff003fc77ecb8c103ad0765b4c90871ccb8b0f9ed91c
2757568eda6a56b1d1418806150cf41ce31622c0ac996bf811bb3cee5281c279
28bab8ee407c5c22bfc399787f73fd0bebc24f8f86d93fba1d1f7914a4d37ea6
2ebeb3a6e3693538ceffc46b6d86f870d999d8a8ebb1da8c657f91a11d17480e
38ba656d85ee44e4fb93d594560c25a30ccc9576c9340bf88334cc231e0ad516
39e728574e3c99e4633a84fff1ca0df9d61021667f0627a3522f849c3eb468a9
3d5c53952f620f95dcc2e045026dcc285f4e28b6fc8801a3518873d0b6dd8fe2
4461bfd20176b18bfbef331e13077b3d481133e433fe285728abed91ab9319c4
45a9b56e8a900f2edd912c2af75610639134faa0efd2fed0923faabbc80d2758
45eb9f63dd64d70e4ca5275bf8740fa34c02a08292319f5055aa24b24f339d9d
4d7dcbbd74e3680c5a5b7570322e617e85a2fdcdf29f5fd6a51d042fe6d48a12
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6a35587d298aaded751c5e773aaebd2e579bbf20693dd3b4d4847d469ee26748
6a56f44732804d6d8c005676c569c1e2d85d57dcf54f7d765100e8950c7a65ae
73ef437aba57c45c60a5cb896f5da02b4dc6542c0901269b40451bf4c9936b36
781881e19f391b243dd86528c9c99ec1c965b6635f5cf5ecce6b22d4b4ced934
8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
911245e9a32d617b8b908d8e742522fa9ed193aae41570cdb80b263517e453cb
95acaf0bed68db88e1ae25709e6852b96d1c674fa7ac87de260d7d0445664f6a
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9f2a457d96cd89449050416e6c3133785bbba43e0b68b890b5f3e6982c2d26a5
a53f1cbe8bf2fd72a3d2bd910af892dcb9a08afaa03ab2e4a5a376ad6a178424
ac7756fcc4469f26dc51986c658c35e6fa04cc57ce9e1059dc204687f9bde77a
b4c2050b25d3d296d5cf58589ca00816dc72df42262c2f629d5c6a984a161aa4
b55349166e585ba1e01dcffe1a318ae173f47ca7068e284cfd438bbabeb31234
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26efb0dcc5b153bb38c8600fe0e5c3ed3ee2c8be163e73d30fd99ad691cf010
d7b38fb952a78e6eb880a5bd612db89e572edf28a14f63830744bd97856e5dc5
dfad84bc50ab406df1367b27f1f02f9c45dcf55e6f28103d62bb11772e7cc355
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85cc4759623df12aed86935dcbda1dee0b10e5b109bb5303d30e32ad37dab4e
e9f058f4b35954ba92b2b23323918ac3dafb11e98684a8711fae50c9a2068cb5
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07df91948dc4257cbf71508d725fea21a67da6bc5f95783def23975772b10e0
f368ab5c1cb787b3c733eda733f16d0325300879f92c39f0f71d7ed3e63450b3
f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8
f404b99f0a725babc9337a8b1ac80b06ac8e4ea962c07dc6b3cc8a6e4b81eb81
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
f4b58340d3faf69f61d6f211ae73d9e4b03fb0f78612421af0aa2fcde906b8c2
fd85a0dc09955b20af5c4b3f6d1d3ac5823206b0dcc3a789feaa8336c5f3c258
feb2a897a8fdd22ddb5ff9977bc3cd59c3cba276217d3ac8cc9789efee8ddd0a

portal.nextinsurance.com Open in urlscan Pro 52.11.20.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

52 %IPv6

15 Domains

23 Subdomains

21 IPs

8 Countries

2248 kBTransfer

7442 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portal.nextinsurance.com Open in urlscan Pro
52.11.20.8 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

52 %
IPv6

15
Domains

23
Subdomains

21
IPs

8
Countries

2248 kB
Transfer

7442 kB
Size

11
Cookies

69 HTTP transactions
1 data transactions