aar-insurance.ug Open in urlscan Pro
192.185.92.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aar-insurance.ug/oqu/dstoaimeslee
Submission: On October 10 via api (October 10th 2024, 6:03:22 am UTC) from RU — Scanned from DE

Summary HTTP 74 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 74 HTTP transactions. The main IP is 192.185.92.35, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is aar-insurance.ug.
TLS certificate: Issued by R11 on September 19th 2024. Valid for: 3 months.

This is the only time aar-insurance.ug was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	192.185.92.35 192.185.92.35	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
7	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 _) (CDN77 _)
15	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb00:7d54:f657:bdbc:3ac3	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.156.160.193 35.156.160.193	16509 (AMAZON-02) (AMAZON-02)
2	3.65.94.56 3.65.94.56	16509 (AMAZON-02) (AMAZON-02)
74	12

29 192.185.92.35 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-92-35.unifiedlayer.com

aar-insurance.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rms.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb00:7d54:f657:bdbc:3ac3 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.160.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-160-193.eu-central-1.compute.amazonaws.com

aarinsurance-ug.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.94.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-94-56.eu-central-1.compute.amazonaws.com

aarinsurance-ug.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	aar-insurance.ug aar-insurance.ug	311 KB
15	rms.cx rms.cx	91 KB
9	gstatic.com fonts.gstatic.com	45 KB
8	userway.org cdn.userway.org — Cisco Umbrella Rank: 3272 api.userway.org — Cisco Umbrella Rank: 3171	64 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
4	freshchat.com aarinsurance-ug.freshchat.com	24 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	16 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270	7 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
74	9

	Domain	Requested by
29	aar-insurance.ug	aar-insurance.ug rms.cx
15	rms.cx	aar-insurance.ug rms.cx
9	fonts.gstatic.com	fonts.googleapis.com
7	cdn.userway.org	aar-insurance.ug cdn.userway.org
5	fonts.googleapis.com	aar-insurance.ug rms.cx
4	aarinsurance-ug.freshchat.com	aar-insurance.ug aarinsurance-ug.freshchat.com
1	cdnjs.cloudflare.com	rms.cx
1	stackpath.bootstrapcdn.com	rms.cx
1	api.userway.org	cdn.userway.org
1	www.google.com	aar-insurance.ug
74	10

This site contains links to these domains. Also see Links.

Domain
aar-insurance.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
plexosys-consult.com
api.whatsapp.com

Subject Issuer	Validity	Valid
aar-insurance.ug R11	`2024-09-19` - `2024-12-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
rms.cx WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.freshchat.com Amazon RSA 2048 M02	`2023-12-17` - `2025-01-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://aar-insurance.ug/oqu/dstoaimeslee
Frame ID: A13C08DB1E43E6E31D6AA3E986FA83F1
Requests: 69 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=AAR%20Head%20Office&zoom=16
Frame ID: F8A733261EB475F47B71097A0B12B799
Requests: 1 HTTP requests in this frame

Frame: https://aarinsurance-ug.freshchat.com/widget/config_iframe.html?host=https://aarinsurance-ug.freshchat.com&token=4f844a80-3329-4de1-94de-c938831bce3c&origin=https://aar-insurance.ug
Frame ID: 50BAB6D1F540D39EA404271D79056289
Requests: 1 HTTP requests in this frame

Frame: https://aarinsurance-ug.freshchat.com/widget/?token=4f844a80-3329-4de1-94de-c938831bce3c&referrer=aHR0cHM6Ly9hYXItaW5zdXJhbmNlLnVn&eagerLoad=true
Frame ID: 6B764E4D8D968652ECC207D63A3E631B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - AAR Insurance Uganda

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

74
Requests

99 %
HTTPS

73 %
IPv6

9
Domains

10
Subdomains

12
IPs

2
Countries

560 kB
Transfer

1912 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://aar-insurance.com/
Title: KE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AARUganda

Search URL Search Domain Scan URL

URL: https://twitter.com/AARInsuranceU

Search URL Search Domain Scan URL

URL: https://www.instagram.com/aarinsuranceu/?hl=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/aar-insurance-uganda/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@aarinsurance1112

Search URL Search Domain Scan URL

URL: https://plexosys-consult.com/
Title: PlexoSys Consult Ltd

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=256743342859&text=Hello%2C+Welcome+to+AAR+Health+Services%2C+how+can+we+help+you%3F

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request dstoaimeslee Show response
aar-insurance.ug/oqu/ 299 KB
67 KB 1044ms
534ms Document
text/html 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 9089890a757940a415ac252546c02a8dc2a13a0fa6881ebbc925c4b2a1048b69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 06:03:16 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://aar-insurance.ug/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding

GET
H2 200 tcb-base-css-19-1721111255.css
aar-insurance.ug/wp-content/uploads/thrive/ 17 KB
5 KB 239ms
237ms Stylesheet
text/css 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/uploads/thrive/tcb-base-css-19-1721111255.css
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 4814
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Tue, 16 Jul 2024 06:27:35 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 style.min.css
aar-insurance.ug/wp-includes/css/dist/block-library/ 110 KB
21 KB 238ms
235ms Stylesheet
text/css 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-encoding: gzip
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Tue, 10 Sep 2024 23:05:34 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 style.css
aar-insurance.ug/wp-content/themes/thrive-theme/ 18 KB
5 KB 142ms
140ms Stylesheet
text/css 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/themes/thrive-theme/style.css?ver=10.1
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: f6fc0ceda15f3d2c0087a0df29f582bec9e8c6da0b9ff6fcb72a717f73faef08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 5259
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Fri, 06 Sep 2024 10:42:09 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 jquery.min.js Show response
aar-insurance.ug/wp-includes/js/jquery/ 86 KB
37 KB 236ms
234ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-encoding: gzip
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
aar-insurance.ug/wp-includes/js/jquery/ 13 KB
5 KB 146ms
144ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 5422
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 imagesloaded.min.js Show response
aar-insurance.ug/wp-includes/js/ 5 KB
2 KB 239ms
237ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 2112
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 masonry.min.js Show response
aar-insurance.ug/wp-includes/js/ 24 KB
9 KB 238ms
236ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 9216
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 jquery.masonry.min.js Show response
aar-insurance.ug/wp-includes/js/jquery/ 2 KB
824 B 141ms
139ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 724
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 general.min.js Show response
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 70 KB
29 KB 236ms
235ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=10.2.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-encoding: gzip
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Thu, 03 Oct 2024 16:39:32 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 frontend.min.js Show response
aar-insurance.ug/wp-content/themes/thrive-theme/inc/assets/dist/ 29 KB
11 KB 238ms
236ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=10.1
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 11429
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Fri, 06 Sep 2024 10:42:09 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 3 KB
507 B 92ms
41ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 06:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 06:03:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 81ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600,500,300,700,800,200,900,400i,500i&subset=latin&display=swap

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc680ed441d2dd21e73741862ad164686ec9367063ef2b0482dfde58e9930dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 06:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 06:03:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/ 54 KB
54 KB 245ms
245ms Image
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 55254
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:52 GMT
content-type: image/png
server: Apache

GET
H2 200 individualCalculator.js Show response
aar-insurance.ug/customJs/ 17 KB
3 KB 242ms
242ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/customJs/individualCalculator.js?v=0.1
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 90eea3f7f06b588e54d7bbcfbbbdef83d90ca11cd56f32eae4c60ff931060fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 3109
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 09 Sep 2024 12:48:37 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 frontend.min.js Show response
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 2 KB
1 KB 144ms
143ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=10.2.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 1021
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Thu, 03 Oct 2024 16:39:33 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 search-form.min.js Show response
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 10 KB
3 KB 133ms
132ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=10.2.2&ver=10.2.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 27755bd63ec28b85ea92db1879e49759b6b6b80682506ff3233ab8e896a34f66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 3304
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Thu, 03 Oct 2024 16:39:32 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 menu.min.js Show response
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 15 KB
6 KB 140ms
140ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=10.2.2&ver=10.2.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 6340
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Thu, 03 Oct 2024 16:39:32 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 social-share.min.js Show response
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 6 KB
2 KB 139ms
139ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=10.2.2&ver=10.2.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 2504
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Thu, 03 Oct 2024 16:39:32 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET fde2db76-1838-482a-bff2-fc6b796fa4da
https://aar-insurance.ug/ Frame 0
0

GET
H3 200 place
www.google.com/maps/embed/v1/ Frame F8A7 0
0 519ms
464ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=AAR%20Head%20Office&zoom=16

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-PM_XqqpYA46psA65J7OFMA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aar-insurance.ug/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1505
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PM_XqqpYA46psA65J7OFMA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 06:03:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 91ms
20ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"59cd386971c343740f4693f3c7ca2f77"
age: 367
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: Z3fkJTIl8t4Xx_sW19GwCXeEANXbISvB2TypcTS59uNhNFWQGtsxbQ==
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:48 GMT
vary: Accept-Encoding
x-age: 555
x-77-nzt-ray: f88df72edcfe4baa256e076740830a22
x-77-nzt: EgwBqZb/swH3KwIAAAwBisclxAG3JQAAAA
cache-control: max-age=3600, public
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401607
x-77-age: 555
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728539642
server: CDN77-Turbo
x-accel-expires: @1728542438
x-amz-server-side-encryption: AES256

GET
H3 200 amplify.js Show response
rms.cx/js/feedbackWidget/ 8 KB
3 KB 145ms
105ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/js/feedbackWidget/amplify.js

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced5776e7f2c4337bc405be205da8f8022b56d3689884b415530ec4b254e2dcf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "20e9-61434818c0a41-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23d6PNidmmfpZDsBsZVU6PM8Y7eFOlfVU6SQiVeNFUQVMmO3gVNmyq4%2Bjzjz5ImPcY%2FAJWIayDdOE9mS3sSQnrupzxoTLeRraz%2FMlhj%2BvulUst7NQsSU2dRTNatJKNhsqiro2qI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: application/javascript
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680a9c18d259-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2409
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 main.js Show response
rms.cx/js/feedbackWidget/ 11 KB
4 KB 143ms
104ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/js/feedbackWidget/main.js

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fc7f13fb2f1f040a4ee5e82e603ba32ac6fe0ff20650d91ecb0393b7575bacf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "2d32-61434818c0a41-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAuygVWHbB9pGR7aKYaLYBQIbFLooOKlY%2B4hYUQogqcNMV4IGrlLzG3q79QRjWRbb3PCeAcVKuUA0cRyuoavSWY4FlgUIYuBBdfoAtZTvxUVvl7IO03ByhIVnk8E99ctNSeQsC8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: application/javascript
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680a9c14d259-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3201
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ug-flag.png
aar-insurance.ug/wp-content/uploads/2024/02/ 7 KB
7 KB 134ms
134ms Image
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/ug-flag.png
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: f1863e242bf49a7d386930cf129a728433c28ac115fa27ccd0d93a10f4d18e27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 6819
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:53 GMT
content-type: image/png
server: Apache

GET
H2 200 ke-flag.png
aar-insurance.ug/wp-content/uploads/2024/02/ 9 KB
9 KB 132ms
132ms Image
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/ke-flag.png
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: a78e436c0cd0c6caab9bec366b4bcf70c4847b8fae764a22a1f6cd86d2b9f0cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 8878
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:52 GMT
content-type: image/png
server: Apache

GET
H2 200 tab-bg.png
aar-insurance.ug/wp-content/uploads/2024/02/ 20 KB
20 KB 133ms
132ms Image
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/tab-bg.png
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 305141fc52111c9475899aa4947ffbcd3469fddfc687b9bda96b56e76b5777e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 20820
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:52 GMT
content-type: image/png
server: Apache

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b17c5b4b44f178de758b2708d85e677f5ee43ba2ba4b69c094873bb23c0ce88f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 70ms
27ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 165241
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:09:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:09:16 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 65ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 164974
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:13:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:13:43 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 63ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 195975
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 23:37:02 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 404-6.png
aar-insurance.ug/wp-content/uploads/thrive-theme/images/ 6 KB
6 KB 138ms
136ms Image
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aar-insurance.ug/wp-content/uploads/thrive-theme/images/404-6.png
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 9b06b10faafedacaf9be8b0a2aa7ec35a8355e724e93f463d9f61fbeb561a719

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 5757
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:53 GMT
content-type: image/png
server: Apache

GET
H2 200 wp-emoji-release.min.js Show response
aar-insurance.ug/wp-includes/js/ 18 KB
5 KB 139ms
139ms Script
application/javascript 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 5365
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

POST
H2 200 search Show response
aar-insurance.ug/wp-json/iawp/ 16 B
395 B 428ms
426ms XHR
application/json 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://aar-insurance.ug/wp-json/iawp/search

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

192-185-92-35.unifiedlayer.com

Software

Apache /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: application/json; charset=UTF-8
vary: Origin,Accept-Encoding
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://aar-insurance.ug/wp-json/>; rel="https://api.w.org/"
access-control-allow-credentials: true
allow: POST
x-iawp: iawp
access-control-allow-origin: https://aar-insurance.ug
content-length: 36
server: Apache

GET
H2 200 widget_app_base_1728401297040.js Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/ 126 KB
40 KB 87ms
42ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"5afeaac7e2e18a97518efd0a8a1bb1fe"
age: 365
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: jVOK3EiOc-WiyUsqeFC0a8a5swcWhm8SDO0G6sj1Hfd5YcRftBdh8w==
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:35 GMT
vary: Accept-Encoding
x-age: 138186
x-77-nzt-ray: f88df72eb9f186ae256e0767c4f72029
x-77-nzt: EgwBqZb/swH3yhsCAAwBw7WvAgG3JQAAAA
cache-control: max-age=25920000, public
via: 1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401610
x-77-age: 138186
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728402011
server: CDN77-Turbo
x-accel-expires: @1754321974
x-amz-server-side-encryption: AES256

GET
H2 200 aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/ 54 KB
0 0ms
0ms Image
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Requested by: Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 55254
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:52 GMT
content-type: image/png
server: Apache

POST
H3 200 getWidgetSettings Show response
rms.cx/ 381 B
1 KB 183ms
182ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/getWidgetSettings

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.29

Resource Hash

6ecbd1f41be704782ab8237a33a591c13ada90966d3217133f3aa237a40a3c2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqJlPKdcDdMGZ%2BxDZRK0KnpsK80sU3emq3Ced%2FAq5%2BTaSCjdiaJu8GdnI9hRpuPlyyM3naQnQjxsXnAIXh8H%2B0PHoG6DWkcqGZGIykPLDh3k1X%2F9peb0KAcQDHT4NeYdKCmfX1M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680cd9e0d259-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.2.29
server: cloudflare

GET
H3 200 amplify.css
rms.cx/css/ 3 KB
1 KB 113ms
113ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/css/amplify.css

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/amplify.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "a6a-61434818a0e71-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUGvqcJxp%2FhIuem67FIfju4MiYOjLSVcvT4j%2Beu0dlEEkbK90ZhlDUel3auosU4ak%2Buw3PDXnReH6HlIRlG2grPfrP7SryL2NCERrjiYN61K%2BJ1FNTXWxlEON9yWGYPnPhmsLEY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680b7e49d259-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 948
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 200 getWidgetSettings Show response
rms.cx/ 1 KB
2 KB 214ms
212ms Fetch
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/getWidgetSettings

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/amplify.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.29

Resource Hash

e4680ceffdde5559f0a5ad8b8972312f54f830e0632585bf74b6d42bdd249c18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfWwr3IKrL3MjODthKuXttL7cLSJymtTzPI6cruwDf3b7GqntH8SO2J4f%2B6RLCZu%2BfLeOw5IYQQ3S5yMhOJ46bMDabjiExH8b6uu%2FiO%2B%2BMmw%2BVFuESEWV9mJrgypN2kzLDVAJ9I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680cb993d259-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.2.29
server: cloudflare

OPTIONS
H3 200 getWidgetSettings
rms.cx/ Frame 0
0 216ms
216ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/getWidgetSettings

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.29

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aar-insurance.ug
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin: *
allow: POST
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8d04680b7e44d259-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 06:03:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwFreDlNVzxHCd6UQXVUH%2BCkzQ7Lu6%2BYwPvRVQVQOgOoCJquiLgysbPtzJV7xTj2E12xrNiE5QRfTDHeu27256oeEBeBDC0wF88uvdNXpbLuC7w%2FcgcsJy8DedXlSD2IfUBjJis%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-powered-by: PHP/7.2.29
x-xss-protection: 1; mode=block

OPTIONS
H3 200 getWidgetSettings
rms.cx/ Frame 0
0 192ms
191ms Preflight
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/getWidgetSettings

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.29

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aar-insurance.ug
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin: *
allow: POST
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8d04680b7e4bd259-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 06:03:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWaNfk1aig0FRzD2F0gdSxITbd7SI3SVXuXiM17nhnB%2BDRrAVNqnB%2BN%2FA3IayOqC9l88ppXC1ze0Ai8S06U1xx2aT8G5zpVMS2%2BCAFMnCmiVfIJjVDRym8aSJsCbwpo8HOpjO%2FE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-powered-by: PHP/7.2.29
x-xss-protection: 1; mode=block

POST
H2 200 0SIDUIMm1H Show response
api.userway.org/api/tunings/ 281 B
667 B 566ms
187ms XHR
application/json 2600:1f14:5db:eb00:7d54:f657:bdbc:3ac3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/0SIDUIMm1H
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:7d54:f657:bdbc:3ac3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c3235f4616d8236095a95593d96608c62559664401ba70e9bda45a905b454c39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usr3528975d5a4e4ba
etag: W/"119-SmTJ0UhYtk5OWZT/4H/dtWtTNDg"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 281
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H3 200 select2.min.js Show response
rms.cx/node_modules/select2/dist/js/ 66 KB
19 KB 174ms
152ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/node_modules/select2/dist/js/select2.min.js

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "10964-613eb70838a17-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAENUl%2BnNhGH9C5U41DFyFCZ4rpKvJRR6GsNorn2sX5b%2BRPpCpt3q4uApAvSSo5ml1VEf%2BZv6Fa4RQV4gXpNtnE9%2B7TkbwQ0BMN3uUWD7MlL1t3AU%2B8JJYm7gfesSqXYedasiHA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 08:49:46 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e2805dbd2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19405
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fontawesome.js Show response
rms.cx/js/includes/ 68 KB
20 KB 149ms
126ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/js/includes/fontawesome.js

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30fda2d5db7a83e236929188ddf0aa073794bbcc16196a32bea3157816b286e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "10edc-61434818c0a41-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Q3vz%2BKP7ycXsq7zIhHNpx4SrhTzpWjW2N0EhxdMAhIv8ENOSUCgXfFA3HkKBWc%2BaFALSx3WTxTyKqnoHgOlROLacsE76qMoUvUxiHO7Q78dzwsdWl8yCf0EQ6QH098vxSKEn6I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/javascript
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e280adbd2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19704
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 form.js Show response
rms.cx/js/customFunctions/ 70 KB
15 KB 141ms
140ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/js/customFunctions/form.js

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ea6d60dc8230b9a9cd122b08ae5d12a52f13c0c6fde7cbe4aa1c5f02fd9b77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://rms.cx/js/feedbackWidget/main.js

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "11984-6223cb6295c9b-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fswScLdjaABwMdk5ltq7MgRzhmRW5q2jg4e5F6segyUpOUTwrUfKKYQO08LDhhXIlLaz6riL7xRyuN5jJs%2FMyTqCwYKvqEymw2aSEDR4E3E0CsbZkHEP8iegbYvzalbPiMGxwIc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 13:40:09 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e0cb7d259-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14930
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 feedbackWidget.css
rms.cx/css/ 12 KB
3 KB 107ms
106ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/css/feedbackWidget.css

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb0205fbea18b821bee2cf065484e4f237f6c6f80aa70aba68ccb72f5eb5c4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "2f89-61434818a0e71-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcc7bw10CsHBoBRPPfVHYIAtbH8xEPcBweT5cEjsgDynafD2t72GaYxQiK74isuthpqiuT5NScwF8XgWweNDsbkQhOwCMDoq%2BSy4H%2FJMYKvl5DznyLeulvk%2F1sxw5HxalO1Zprs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e0cb9d259-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2824
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 51ms
28ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "269550530cc127b6aa5a35925a7de6ce"
age: 766587
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/30/2024 13:20:01
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 20bbf962e3b5cdabb1be1f5093069f0f
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d04680e2ee91daa-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1078
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 select2.min.css
rms.cx/node_modules/select2/dist/css/ 15 KB
2 KB 111ms
110ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rms.cx/node_modules/select2/dist/css/select2.min.css

Requested by

Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "3b4c-613eb70838a17-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2K%2Bw1b0zRfDQnLdP2JqUmYtnr%2FTXYqIBOD5wmeXxX1hcn00KKIFoLFtEkFIcvQEg95890VlR1I7g9JqLC2SaYMUryd9OJZUhpuvw6JQ2BislPoXBJyIEvUBwFPDcirJI86Hp%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/css
last-modified: Mon, 18 Mar 2024 08:49:46 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e0cbad259-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2005
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Speechbubble.png
rms.cx/images/ 16 KB
17 KB 187ms
165ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rms.cx/images/Speechbubble.png

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b992d3b2a54995c7cd3b2bd12712f1ac692ebd7ec2f37b5454f32b9832ee863

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

cf-cache-status: MISS
etag: "40ce-61434818b1fe1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPyUlBEJd6tAeZrgF1fDxmFbPyWY8%2BjVhvC1YSB7s6UVKglvylP9XNnhOj5VVO3DAlc9FRfZ3JRoLCRmx4tICjlaD1V42TZIvuuX8zwA%2F%2BTyDUpgXjoz12F2N%2BBEx0CSTEHqKes%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e280bdbd2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16590
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 star.svg
rms.cx/images/amplify/ 684 B
948 B 118ms
102ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rms.cx/images/amplify/star.svg

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20e0da8a685df520e1f353026a43062020285b5eb4989fc619fb47933df6787

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"2ac-61434818b46f1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODFhDJ8jkntKEHKjzzLX%2BglFsuSO%2FR51jnuzXAzHycT3dyAJwza9HXSr43t7%2B6k2BfhzPi5weHF1TVkvIUsKkldapnAwSUAbk%2F3gsJjK68U%2Fp%2BttjYiBiLWaXTK80fBXkMz8pf0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e280ddbd2-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 facebook.png
rms.cx/images/amplify/ 1 KB
2 KB 42ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rms.cx/images/amplify/facebook.png

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d37476d5f15625b7c3e01cc733d7ac0a004aced66694084bcc38c4b56ea8e54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

cf-cache-status: HIT
etag: "4ce-61434818b46f1"
age: 1850
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsFgXtFz0H906r1hJ%2FGxVz48PaHByeS1qKzTVDrjrEz6QgY4jtMseZDlqKtr0w8G5HoTiuxSzYQDYaPAdN4eUtsf4VWunUkuD4EifKdkWBVDSeCHqQlV0TaomMUpG5%2FVmn%2BSle4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: image/png
last-modified: Fri, 22 Mar 2024 00:00:04 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy: upgrade-insecure-requests
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d04680e2809dbd2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1230
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 163423
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:39:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:39:35 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
733 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap

Requested by

Host: rms.cx
URL: https://rms.cx/css/feedbackWidget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd76695c90930344c224d2fb3e946176581d7e8619a96180c8c4bce5b2e51e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rms.cx/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 06:03:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 05:56:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 198398
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 22:56:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 22:56:40 GMT
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14780
x-xss-protection: 0
server: sffe

GET
H2 200 tcb-base-css-19-1721111255.css
aar-insurance.ug/wp-content/uploads/thrive/ 17 KB
0 0ms
0ms Stylesheet
text/css 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/uploads/thrive/tcb-base-css-19-1721111255.css
Requested by: Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 4814
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Tue, 16 Jul 2024 06:27:35 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 style.min.css
aar-insurance.ug/wp-includes/css/dist/block-library/ 110 KB
0 3ms
3ms Stylesheet
text/css 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-encoding: gzip
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Tue, 10 Sep 2024 23:05:34 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 style.css
aar-insurance.ug/wp-content/themes/thrive-theme/ 18 KB
0 4ms
4ms Stylesheet
text/css 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/themes/thrive-theme/style.css?ver=10.1
Requested by: Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: f6fc0ceda15f3d2c0087a0df29f582bec9e8c6da0b9ff6fcb72a717f73faef08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 5259
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Fri, 06 Sep 2024 10:42:09 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 3 KB
0 4ms
4ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Requested by

Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 06:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 06:03:17 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 11 KB
0 5ms
5ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600,500,300,700,800,200,900,400i,500i&subset=latin&display=swap

Requested by

Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc680ed441d2dd21e73741862ad164686ec9367063ef2b0482dfde58e9930dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 06:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 06:03:17 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 06:03:17 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/ 87 KB
16 KB 64ms
34ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css

Requested by

Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "620188b3-3b90"
age: 13232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7s9z4kBikxBST8kdI4iZY%2BchlbdvWjkeRnoGci%2BPZi7YzrZ6mX1uCuWPXsdPqHC3jatM6QuG8bHhOLbdcEZc%2BA7snBpVbOYtRca1bAWnp7g8GzJdiHZ82s8Car0L0SSd98GOymO7TrtDFmp98NwY%2BZh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 06:03:18 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d04680f3c566ae7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15248
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 163423
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:39:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:39:35 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 195975
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 23:37:02 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 165241
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:09:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:09:16 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 2ms
2ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://fonts.googleapis.com/

Response headers

age: 164974
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:13:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:13:43 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H2 200 en-GB.json Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/ 607 B
1 KB 24ms
24ms XHR
application/json 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/en-GB.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 372
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: 73o9Hqwt6pTkUfRldS5-n9MO1LIaqK1X2BLEPQTiNtej4tFUQWG1vg==
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/json
last-modified: Tue, 08 Oct 2024 15:31:34 GMT
x-77-nzt-ray: f88df72eb9f186ae266e07673b9dd113
x-age: 137983
vary: Accept-Encoding
x-77-nzt: EgwBqZb/swH3/xoCAAwBw7WvBgG36AAAAA
cache-control: max-age=25920000, public
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401611
x-77-age: 137983
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728402215
server: CDN77-Turbo
x-accel-expires: @1754321983
x-amz-server-side-encryption: AES256

GET
H2 200 widget.js Show response
aarinsurance-ug.freshchat.com/js/ 67 KB
22 KB 128ms
50ms Script
application/javascript 35.156.160.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aarinsurance-ug.freshchat.com/js/widget.js

Requested by

Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/dstoaimeslee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.156.160.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-160-193.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

0fd2de8ff930464650cff804d62b4893f041b5b9b011bd58e1b9d3ca8ca1af8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 82781df4-a293-98cc-8232-fa0261a28e86
cache-control: max-age=900, must-revalidate
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
content-encoding: gzip
x-fw-ratelimiting-managed: false
x-envoy-upstream-service-time: 2
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
x-trace-id: 00-afa689ed962657eafceed8a1d6ee0ead-f9a6ab36111ecac0-01
date: Thu, 10 Oct 2024 06:03:18 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 10:45:33 GMT
server: fwe
x-server: xkw4l

GET
H2 200 aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/ 54 KB
0 0ms
0ms Other
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 55254
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:52 GMT
content-type: image/png
server: Apache

GET
H2 200 aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/ 54 KB
0 0ms
0ms Other
image/png 192.185.92.35
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-92-35.unifiedlayer.com
Software: Apache /
Resource Hash: 6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/oqu/dstoaimeslee

Response headers

accept-ranges: bytes
content-length: 55254
date: Thu, 10 Oct 2024 06:03:17 GMT
last-modified: Mon, 24 Jun 2024 11:15:52 GMT
content-type: image/png
server: Apache

GET
H2 200 config_iframe.html
aarinsurance-ug.freshchat.com/widget/ Frame 50BA 0
0 73ms
29ms Document
text/html 3.65.94.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aarinsurance-ug.freshchat.com/widget/config_iframe.html?host=https://aarinsurance-ug.freshchat.com&token=4f844a80-3329-4de1-94de-c938831bce3c&origin=https://aar-insurance.ug

Requested by

Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.65.94.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-94-56.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aar-insurance.ug/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 10 Oct 2024 06:03:18 GMT
last-modified: Thu, 26 Sep 2024 10:45:33 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 8d256527-dc0c-4a47-b908-85bdabe7cfab
x-server: jgcrc
x-trace-id: 00-20c39d7e7258650b1367214c6e7bdca6-d83f2250d9607721-00
x-xss-protection: 1; mode=block

GET
H2 200 /
aarinsurance-ug.freshchat.com/widget/ Frame 6B76 0
0 28ms
28ms Document
text/html 3.65.94.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aarinsurance-ug.freshchat.com/widget/?token=4f844a80-3329-4de1-94de-c938831bce3c&referrer=aHR0cHM6Ly9hYXItaW5zdXJhbmNlLnVn&eagerLoad=true

Requested by

Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.65.94.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-94-56.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aar-insurance.ug/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 10 Oct 2024 06:03:18 GMT
last-modified: Thu, 26 Sep 2024 10:45:33 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: bc52bb28-369f-47ae-9803-62f08c8eee55
x-server: xkw4l
x-trace-id: 00-15a15d304228e231f574ff0d89a0ac65-75d12c06fa9551b3-00
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
aarinsurance-ug.freshchat.com/widget/css/ 9 KB
2 KB 28ms
27ms Stylesheet
text/css 35.156.160.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aarinsurance-ug.freshchat.com/widget/css/widget.css?t=1728540198601

Requested by

Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.156.160.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-160-193.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

x-request-id: 9f783f5b-f582-48db-85cd-16a607d184c1
content-encoding: gzip
x-fw-ratelimiting-managed: false
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
expires: Fri, 10 Oct 2025 06:03:18 GMT
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/css
last-modified: Thu, 26 Sep 2024 10:45:33 GMT
x-server: jgcrc
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-trace-id: 00-cb2e2e2362ae46c6b26e3e2c981249c2-24c67a4a4026d2d0-00
x-xss-protection: 1; mode=block
server: fwe

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/2024-10-08-15-28-17/free/ 31 KB
13 KB 25ms
25ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/free/remediation-tool-free.js?ts=1728401297040
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 73719024df5daf498a6b4335a9a885844077b7a8573028941b0e10232917eeca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://aar-insurance.ug
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"3cf689b1ad56b2512461ec432fed6e86"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: qBsNHiND3cwUc8_l9faudb2YjCvQa3igWDxkINdvxQxjWvHrpcnQaA==
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:45 GMT
vary: Accept-Encoding
x-age: 138185
x-77-nzt-ray: f88df72eb9f186ae266e07676e95a031
x-77-nzt: EgwBqZb/swH3yRsCAAwBnJIhJwG3JgAAAA
cache-control: max-age=25920000, public
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401612
x-77-age: 138185
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728402013
server: CDN77-Turbo
x-accel-expires: @1754321975
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-10-08-15-28-17/ 30 KB
5 KB 22ms
22ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-10-08-15-28-17/widget_base.css?v=1728401297040
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"fa9ef3811ff36e9e81b054c454f9365f"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: RD41J0ueEv-fBw1_fvZtXaxavwOrtglNL_kd-kQIn1aNHGDH6by_kg==
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 15:30:57 GMT
vary: Accept-Encoding
x-age: 138186
x-77-nzt-ray: f88df72edcfe4baa266e0767a80da831
x-77-nzt: EgwBqZb/swH3yhsCAAwB1GY4EQG3JQAAAA
cache-control: max-age=864000, public
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401612
x-77-age: 138186
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728402012
server: CDN77-Turbo
x-accel-expires: @1729265975
x-amz-server-side-encryption: AES256

GET
H2 200 wheel_right_bl.svg
cdn.userway.org/widgetapp/images/ 3 KB
2 KB 20ms
20ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/wheel_right_bl.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"66e207a98020ce81d086e97f22a4833c"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: viHaUXvwCCIwBA9Fs4P_YBVu-uhVUSLRwreb9Kr1rX1ZUVCV_wPaOw==
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: image/svg+xml
x-77-nzt-ray: f88df72edcfe4baa266e076722327d33
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 15:31:37 GMT
x-77-nzt: EgwBqZb/swH3PRsCAAwB1GY4EQG3qgAAAA
cache-control: max-age=25920000, public
x-age: 138045
via: 1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401984
x-77-age: 138045
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728402153
server: CDN77-Turbo
x-accel-expires: @1754321983
x-amz-server-side-encryption: AES256

GET
H2 200 spin_bl.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aar-insurance.ug/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f1006e80919a554a181eeffcb6b3e381"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-cache: HIT
x-amz-cf-id: RUiWffp3adfTYnMWC9zVfbRXjuy36WFS8YkvqUyDQmWH6REx61IoGw==
date: Thu, 10 Oct 2024 06:03:18 GMT
content-type: image/svg+xml
x-77-nzt-ray: f88df72edcfe4baa266e07670ee38233
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 15:31:36 GMT
x-77-nzt: EgwBqZb/swH3wBsCAAwBJRPCMQG3LwAAAA
cache-control: max-age=25920000, public
x-age: 138176
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1728401976
x-77-age: 138176
x-amz-cf-pop: FRA56-P10
x-accel-date: 1728402022
server: CDN77-Turbo
x-accel-expires: @1754321975
x-amz-server-side-encryption: AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aar-insurance.ug
URL: blob:https://aar-insurance.ug/fde2db76-1838-482a-bff2-fc6b796fa4da

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aar-insurance.ug/oqu/dstoaimeslee Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aar-insurance.ug
aarinsurance-ug.freshchat.com
api.userway.org
cdn.userway.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
rms.cx
stackpath.bootstrapcdn.com
www.google.com
aar-insurance.ug
192.185.92.35
2600:1f14:5db:eb00:7d54:f657:bdbc:3ac3
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::200a
2a02:6ea0:c700::18
2a06:98c1:3120::3
3.65.94.56
35.156.160.193
04ea6d60dc8230b9a9cd122b08ae5d12a52f13c0c6fde7cbe4aa1c5f02fd9b77
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
0fd2de8ff930464650cff804d62b4893f041b5b9b011bd58e1b9d3ca8ca1af8a
14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e
1d37476d5f15625b7c3e01cc733d7ac0a004aced66694084bcc38c4b56ea8e54
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
27755bd63ec28b85ea92db1879e49759b6b6b80682506ff3233ab8e896a34f66
2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228
305141fc52111c9475899aa4947ffbcd3469fddfc687b9bda96b56e76b5777e8
30fda2d5db7a83e236929188ddf0aa073794bbcc16196a32bea3157816b286e9
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
4b992d3b2a54995c7cd3b2bd12712f1ac692ebd7ec2f37b5454f32b9832ee863
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0
6ecbd1f41be704782ab8237a33a591c13ada90966d3217133f3aa237a40a3c2c
6fc7f13fb2f1f040a4ee5e82e603ba32ac6fe0ff20650d91ecb0393b7575bacf
73719024df5daf498a6b4335a9a885844077b7a8573028941b0e10232917eeca
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
9089890a757940a415ac252546c02a8dc2a13a0fa6881ebbc925c4b2a1048b69
90eea3f7f06b588e54d7bbcfbbbdef83d90ca11cd56f32eae4c60ff931060fa1
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b06b10faafedacaf9be8b0a2aa7ec35a8355e724e93f463d9f61fbeb561a719
a78e436c0cd0c6caab9bec366b4bcf70c4847b8fae764a22a1f6cd86d2b9f0cf
acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8
b17c5b4b44f178de758b2708d85e677f5ee43ba2ba4b69c094873bb23c0ce88f
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3235f4616d8236095a95593d96608c62559664401ba70e9bda45a905b454c39
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb0205fbea18b821bee2cf065484e4f237f6c6f80aa70aba68ccb72f5eb5c4d
cc680ed441d2dd21e73741862ad164686ec9367063ef2b0482dfde58e9930dde
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ced5776e7f2c4337bc405be205da8f8022b56d3689884b415530ec4b254e2dcf
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e20e0da8a685df520e1f353026a43062020285b5eb4989fc619fb47933df6787
e4680ceffdde5559f0a5ad8b8972312f54f830e0632585bf74b6d42bdd249c18
f1863e242bf49a7d386930cf129a728433c28ac115fa27ccd0d93a10f4d18e27
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6fc0ceda15f3d2c0087a0df29f582bec9e8c6da0b9ff6fcb72a717f73faef08
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134
fd76695c90930344c224d2fb3e946176581d7e8619a96180c8c4bce5b2e51e1b

aar-insurance.ug Open in urlscan Pro 192.185.92.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

73 %IPv6

9 Domains

10 Subdomains

12 IPs

2 Countries

560 kBTransfer

1912 kBSize

0 Cookies

8 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aar-insurance.ug Open in urlscan Pro
192.185.92.35 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

73 %
IPv6

9
Domains

10
Subdomains

12
IPs

2
Countries

560 kB
Transfer

1912 kB
Size

0
Cookies

74 HTTP transactions
1 data transactions