www.captiveinsurancetimes.com Open in urlscan Pro
50.87.101.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was
Effective URL:
https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5...
Submission: On November 07 via api (November 7th 2024, 8:26:35 am UTC) from US — Scanned from NL

Summary HTTP 63 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 63 HTTP transactions. The main IP is 50.87.101.203, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.captiveinsurancetimes.com.
TLS certificate: Issued by R10 on September 27th 2024. Valid for: 3 months.

This is the only time www.captiveinsurancetimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	50.87.101.203 50.87.101.203	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1 16	2400:52e0:1e0... 2400:52e0:1e00::1079:1	60068 (CDN77 _) (CDN77 _)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a285	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	54.148.133.229 54.148.133.229	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.19.149.92 104.19.149.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.252.10 157.240.252.10	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f084:a:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	18.235.168.50 18.235.168.50	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:811::200a	() ()
3	142.250.186.67 142.250.186.67	() ()
63	17

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

roxy-palace-canada-520936.evsur.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 50.87.101.203 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-101-203.unifiedlayer.com

www.captiveinsurancetimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2400:52e0:1e00::1079:1 (Germany) 1 redirects

ASN60068 (CDN77 _, GB)

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a285 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

documentservices.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.148.133.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-133-229.us-west-2.compute.amazonaws.com

sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

documentservices.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.149.92 (None, )

ASN13335 (CLOUDFLARENET, US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.10 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-fra3.facebook.com

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:a:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.235.168.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-168-50.compute-1.amazonaws.com

viewlicense.adobe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	sumome.com 1 redirects load.sumome.com — Cisco Umbrella Rank: 21660 sumome.com — Cisco Umbrella Rank: 19912 media.sumome.com — Cisco Umbrella Rank: 56321	631 KB
8	captiveinsurancetimes.com www.captiveinsurancetimes.com	381 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
3	gstatic.com fonts.gstatic.com	99 KB
3	googleapis.com fonts.googleapis.com	5 KB
3	adobe.com documentservices.adobe.com — Cisco Umbrella Rank: 70290	155 KB
2	adobe.io viewlicense.adobe.io — Cisco Umbrella Rank: 83456	1 KB
2	facebook.com graph.facebook.com — Cisco Umbrella Rank: 185 api.facebook.com — Cisco Umbrella Rank: 1704	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	179 KB
2	evsur.ru 2 redirects roxy-palace-canada-520936.evsur.ru	1 KB
1	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 23610	440 B
1	google.com clients6.google.com — Cisco Umbrella Rank: 60 Failed
1	bufferapp.com api.bufferapp.com — Cisco Umbrella Rank: 91430	368 B
0	reddit.com Failed www.reddit.com Failed
63	14

	Domain	Requested by
15	sumome.com	load.sumome.com
11	load.sumome.com	1 redirects www.captiveinsurancetimes.com load.sumome.com
8	www.captiveinsurancetimes.com	www.captiveinsurancetimes.com
5	media.sumome.com	load.sumome.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	load.sumome.com
3	documentservices.adobe.com	www.captiveinsurancetimes.com documentservices.adobe.com
2	viewlicense.adobe.io	documentservices.adobe.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.captiveinsurancetimes.com www.googletagmanager.com
2	roxy-palace-canada-520936.evsur.ru	2 redirects documentservices.adobe.com
1	widgets.pinterest.com	load.sumome.com
1	clients6.google.com	load.sumome.com
1	api.facebook.com	load.sumome.com
1	graph.facebook.com	load.sumome.com
1	api.bufferapp.com	load.sumome.com
0	www.reddit.com Failed
63	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
captiveinsurancetimes.com
roxy-palace-canada-520936.evsur.ru

Subject Issuer	Validity	Valid
cpcalendars.realestateinvestmenttimes.com R10	`2024-09-27` - `2024-12-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
static.adobesigncdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2025-10-25`	a year	crt.sh
load.sumome.com R11	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.sumome.com Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh
api.bufferapp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-06` - `2025-09-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adobe.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-03` - `2025-07-04`	a year	crt.sh
media.sumome.com R10	`2024-10-17` - `2025-01-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Frame ID: BFEF9538DE9335AB60B2728E38CBDED1
Requests: 64 HTTP requests in this frame

Frame: https://documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd
Frame ID: E7B1E8DEB70D412AE2E7F4B26A8A36B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Captive Insurance Times magazine issue number

Page URL History Show full URLs

http://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was HTTP 307
https://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was HTTP 302
https://roxy-palace-canada-520936.evsur.ru/a6d8d6218a8 HTTP 301
https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

load\.sumome\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

94 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

1475 kB
Transfer

6013 kB
Size

5
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/captiveinsurance.times

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/captive-insurance-times/

Search URL Search Domain Scan URL

URL: https://twitter.com/CITimes

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/emergingtalent/emergingtalent.php?&newssection=emergingtalent
Title: Emerging talent

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/captiveinsurancetimesnews.php?&navigationaction=latestnews&newssection=latestnews
Title: Latest news

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/industrynews.php?&navigationaction=industrynews&newssection=industry
Title: Industry

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/peoplemovesnews.php?&navigationaction=peoplemovesnews&newssection=People%20Moves
Title: People moves

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regulationnews.php?&navigationaction=regulationnews&newssection=Regulation
Title: Regulation

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/technologynews.php?&navigationaction=technologynews&newssection=technology
Title: Technology

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/ratingsnews.php?&navigationaction=ratingsnews&newssection=ratings
Title: Ratings

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/reinsurancenews.php?&navigationaction=reinsurancenews&newssection=reinsurance
Title: Reinsurance

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regionnews.php?&navigationaction=northamerica
Title: North America

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regionnews.php?&navigationaction=latinamerica
Title: Latin America

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regionnews.php?&navigationaction=europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regionnews.php?&navigationaction=nordics
Title: Nordics

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regionnews.php?&navigationaction=africa
Title: Africa

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/captiveinsurancenews/regionnews.php?&navigationaction=asiapacific
Title: Asia Pacific

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/specialistfeatures/index.php?&navigationaction=features&newssection=features
Title: Features

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/interviews/index.php?&navigationaction=interviews&newssection=interviews
Title: Interviews

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/countryfocus/index.php?&navigationaction=countryprofiles&newssection=countryprofiles
Title: Domicile profiles

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/editorspicks/index.php?&navigationaction=editorspicks&newssection=editorspicks
Title: Editors picks

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=Service%20providers
Title: Service providers

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=accountants%20and%20actuaries
Title: Accountants and actuaries

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=asset_managment
Title: Asset management

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=banks%20and%20trusts
Title: Banks and trusts

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=domiciles%20and%20associations
Title: Domiciles and associations

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=captive%20management
Title: Captive management

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=claims%20and%20litigation%20support
Title: Claims and litigation support

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=law%20firms
Title: Law firms

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=rating%20agencies
Title: Rating agencies

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=reinsurance
Title: Reinsurance

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=specialty%20programs
Title: Specialty programmes

Search URL Search Domain Scan URL

URL: https://captiveinsurancetimes.com/serviceproviders/serviceproviders.php?&navigationaction=technology
Title: Technology

Search URL Search Domain Scan URL

URL: https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Title: View issue in original adobe PDF viewer

Search URL Search Domain Scan URL

URL: https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd.zip
Title: Download to desktop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was HTTP 307
https://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was HTTP 302
https://roxy-palace-canada-520936.evsur.ru/a6d8d6218a8 HTTP 301
https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://load.sumome.com/ HTTP 301
https://load.sumome.com/sumome.js

Request Chain 35

https://reddit.com/button_info.json?url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&jsonp=jQuery111005674392090174887_1730967988440&_=1730967988441 HTTP 301
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&jsonp=jQuery111005674392090174887_1730967988440&_=1730967988441

63 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request issue.php Show response
www.captiveinsurancetimes.com/citimes/
Redirect Chain

http://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was
https://roxy-palace-canada-520936.evsur.ru/29102478576-city-prepares-for-annual-sports-event/was
https://roxy-palace-canada-520936.evsur.ru/a6d8d6218a8
https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

32 KB
6 KB

826ms
184ms

Document
text/html

50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: 228d691d19de5cf4098b2a4689e5c4dfec360d8e4c52faf09ab47f6dbaa83ba0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 6269
content-type: text/html; charset=UTF-8
date: Thu, 07 Nov 2024 08:26:25 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-transform
cf-cache-status: DYNAMIC
cf-ray: 8debf032582ee452-OTP
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Nov 2024 08:26:25 GMT
location: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsm37B5mMnkPdjlHem41RnLcseYTMkNjVWDnW%2F8vg05tUoBSPvDrZCpDkfkah4VIO70GiGjpA3UoJMKgqXNGZ4aIJFb%2Bbg6bZkpRPk8Tcmfcx1xhmlFakQl91aOTw5M5%2FGbPBzp5359jsdy4nppEb%2FVMYw4J"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=46630&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4880&recv_bytes=4989&delivery_rate=9807&cwnd=12000&unsent_bytes=0&cid=c737f7b44566d2e9&ts=372&x=1" cfHdrFlush;dur=0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 261ms
42ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22957950-1

Requested by

Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

382d71023af9704dd92aace621712dcb7bf2e88aabbb98fd797b0e75d8ee2e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 07 Nov 2024 08:26:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77524
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

sumome.js Show response
load.sumome.com/
Redirect Chain

https://load.sumome.com/
https://load.sumome.com/sumome.js

2 KB
2 KB

23ms
22ms

Script
application/javascript

2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/sumome.js
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: df461aa630c4239d910ff2e5d0a10dbb7d5f2f68051a781817bd6b3a9ff84ff0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "1ef9c4a88eb85487e873a23c2c8b308f"
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Sun, 27 Oct 2024 12:14:46 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: CcT7Zmnve2Lp43b1NU0PjT2YIP99r+7ultoIZ/KwdVL9mXmwpfrfO/Y80eU02LQsfAjBTXSx4PU=
cdn-cachedat: 10/27/2024 12:14:46
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: d304c706194ebff905ab383c37a07247
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: GQ60C9335RWA3GSC
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

Redirect headers

cache-control: no-cache
location: https://load.sumome.com/sumome.js
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 1b77c8b205ac9763487ffc307ab4c17a
cdn-pullzone: 1686293
content-length: 162
date: Thu, 07 Nov 2024 08:26:26 GMT
content-type: text/html
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 jquery-3.5.1.min.js Show response
www.captiveinsurancetimes.com/JqueryFunctions/ 87 KB
38 KB 557ms
554ms Script
application/javascript 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.captiveinsurancetimes.com/JqueryFunctions/jquery-3.5.1.min.js
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Response headers

cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 07 Dec 2024 08:26:26 GMT
accept-ranges: bytes
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Sat, 24 Oct 2020 08:30:04 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 jqueryNavigationScript.js Show response
www.captiveinsurancetimes.com/JqueryFunctions/navigation/ 2 KB
562 B 554ms
552ms Script
application/javascript 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.captiveinsurancetimes.com/JqueryFunctions/navigation/jqueryNavigationScript.js?1730967985
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: db8820177a8869607543252d66aac3621714ef249089ff6217c0f055c5b6c7c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Response headers

cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 07 Dec 2024 08:26:26 GMT
accept-ranges: bytes
content-length: 453
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Sat, 24 Oct 2020 08:30:04 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 grid-styles.css
www.captiveinsurancetimes.com/ 57 KB
12 KB 554ms
553ms Stylesheet
text/css 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.captiveinsurancetimes.com/grid-styles.css?1730967985
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: bae6579c4ff712cfd26fa6e34969fe89c422b07610d8dee964c96244b3756938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Response headers

cache-control: max-age=784214
content-encoding: gzip
expires: Sat, 16 Nov 2024 10:16:40 GMT
accept-ranges: bytes
content-length: 12074
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Thu, 17 Oct 2024 10:16:40 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 october.jpg
www.captiveinsurancetimes.com/adverts/LEADERBOARD_STRIP_ADS/ 152 KB
152 KB 146ms
145ms Image
image/jpeg 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.captiveinsurancetimes.com/adverts/LEADERBOARD_STRIP_ADS/october.jpg
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: 927595e16eb045e76b4643270688f2bc945a6749081fc910c72ca881e635677b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Response headers

cache-control: max-age=28881828
expires: Tue, 07 Oct 2025 15:10:14 GMT
accept-ranges: bytes
content-length: 155877
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Mon, 07 Oct 2024 15:10:14 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 Logo.png
www.captiveinsurancetimes.com/images/ 50 KB
50 KB 146ms
145ms Image
image/png 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.captiveinsurancetimes.com/images/Logo.png
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: 6924bc9f46232547acad6f6b27cc5e40f6d62c8d981799aa3b6a388fd69b8cdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Response headers

cache-control: max-age=0
expires: Thu, 07 Nov 2024 08:26:26 GMT
accept-ranges: bytes
content-length: 50909
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Wed, 27 Oct 2021 10:58:25 GMT
content-type: image/png
server: Apache

GET
H2 200 viewer.js Show response
documentservices.adobe.com/view-sdk/ 1009 B
955 B 101ms
23ms Script
application/javascript 2a02:26f0:3500:18::1724:a285
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://documentservices.adobe.com/view-sdk/viewer.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a285 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71ae2f6c985bdb3aeaf4c41a48e32657c25ad8cadbdbc5ffc4ecc89ee3f8f0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
access-control-max-age: 86400
content-encoding: gzip
etag: "b1cab3b484320ea5aab96f5315f55dbe"
access-control-allow-methods: GET,HEAD,OPTIONS
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Wed, 06 Nov 2024 10:14:25 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=60, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-origin: *
content-length: 580
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
103 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LRNN1KG9RX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22957950-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfea91100df3720ca14b09323efe8cbd76fbaabac3ec814643eca61fe1209c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 07 Nov 2024 08:26:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105217
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 392ms
13ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22957950-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-encoding: gzip
age: 4561
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 09:10:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 07:10:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 2.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 370 KB
112 KB 35ms
35ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 42bda4c552fba6dce31c2b9257bf16610df8f9a6cf5baba7b70199269f0cac65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "bf3d2754b6f1354854d43ff9d679d2f6"
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: CPrKY59QqVmJcLsEJ9vWddeqgkuRihFMOf9/CrccNSV4Lx6G3vvidy92DByjRoBkdCEIMKAvv8U=
cdn-cachedat: 10/27/2024 12:14:47
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 6bbfb851e7b386253f08d2e239cf4825
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: 7A136DM4P6K14597
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 19.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 53 KB
22 KB 61ms
60ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/19.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 39df846be4584aa515ecd84ac80d116e5f7607b969928f4e302a8840ab3ffa9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "087c5e1496ed0935666c74fa7c807427"
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: 2EtGSfGZiobWFCLP13Jjgap78jDkjmNVfR4et03jzoVHJcZf3G/Ftwuys03feLtCt3+lfK+EaQo=
cdn-cachedat: 10/27/2024 12:14:47
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 85dbf845840616cc27826bb7fc2e6dec
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: 7A14ETRAYR010DX6
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 icomoon.ttf
www.captiveinsurancetimes.com/fonts/ 6 KB
6 KB 164ms
145ms Font
font/ttf 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.captiveinsurancetimes.com/fonts/icomoon.ttf?fwxbm3
Requested by: Host: www.captiveinsurancetimes.com
URL: https://www.captiveinsurancetimes.com/grid-styles.css?1730967985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: e7d610d9f93a669cf5e7d1e81fd9c9b6ab7836c87447b425348ccfd90622cfc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.captiveinsurancetimes.com
Referer: https://www.captiveinsurancetimes.com/grid-styles.css?1730967985

Response headers

accept-ranges: bytes
content-length: 5872
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Sat, 24 Oct 2020 07:59:34 GMT
content-type: font/ttf
server: Apache

GET
H2 200 ViewSDKInterface.js Show response
documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/ 1 MB
154 KB 38ms
20ms Script
application/javascript 2a02:26f0:3500:18::1724:a285
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/ViewSDKInterface.js

Requested by

Host: documentservices.adobe.com
URL: https://documentservices.adobe.com/view-sdk/viewer.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a285 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

752ea3d7f617221e689454da653a500c58fc352d7b6e29cb445c0598dc8012d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
access-control-max-age: 86400
content-encoding: gzip
etag: "7490d338bdae7a3905df5bebdbc450b8"
access-control-allow-methods: GET,HEAD,OPTIONS
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 07 Nov 2024 08:26:26 GMT
last-modified: Mon, 21 Oct 2024 10:58:08 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=2592000, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-origin: *
content-length: 157677
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 304ms
19ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LRNN1KG9RX&gtm=45je4au0v882972847za200&_p=1730967986027&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1534522826.1730967987&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1730967986&sct=1&seg=0&dl=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&dt=Captive%20Insurance%20Times%20magazine%20issue%20number&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2216
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRNN1KG9RX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.captiveinsurancetimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:27 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 / Show response
sumome.com/api/load/ 882 B
1 KB 183ms
182ms Fetch
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/load/

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/19.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

26aa370a264b357b417feadc97988fd30fbf2d849aabdd92c43a3665b57b0de2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
content-length: 882
date: Thu, 07 Nov 2024 08:26:27 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
428 B 21ms
18ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1861804543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&ul=nl-nl&de=UTF-8&dt=Captive%20Insurance%20Times%20magazine%20issue%20number&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=67556670&gjid=1542564193&cid=1534522826.1730967987&tid=UA-22957950-1&_gid=2078473729.1730967987&_r=1&gtm=457e4au0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&jsscut=1&npa=1&z=458061360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.captiveinsurancetimes.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.captiveinsurancetimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

OPTIONS
H2 204 /
sumome.com/api/load/ Frame 0
0 664ms
175ms Preflight 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/load/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-133-229.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.captiveinsurancetimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.captiveinsurancetimes.com
access-control-max-age: 2592000
date: Thu, 07 Nov 2024 08:26:27 GMT
server: nginx/1.21.5

GET
H2 200 iframe.html
documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/ Frame E7B1 0
0 60ms
21ms Document
text/html 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd

Requested by

Host: documentservices.adobe.com
URL: https://documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/ViewSDKInterface.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.captiveinsurancetimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=2592000, must-revalidate
content-encoding: gzip
content-length: 61389
content-type: text/html
date: Thu, 07 Nov 2024 08:26:27 GMT
etag: "bb27162dd201efd02612a19e379041e4"
last-modified: Mon, 21 Oct 2024 10:58:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-robots-tag: noindex, nofollow

GET 5e16d740b72d2ab0bbbd
roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/ 0
0

POST
H2 200 services Show response
sumome.com/ 68 KB
7 KB 199ms
196ms Fetch
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/services

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/19.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

b24085696b3bcc34ae08e0cc5b42b19ad127615a336e118bcbeab8ee0e0c93be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 07 Nov 2024 08:26:28 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

OPTIONS
H2 204 services
sumome.com/ Frame 0
0 174ms
174ms Preflight 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/services
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-133-229.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.captiveinsurancetimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.captiveinsurancetimes.com
access-control-max-age: 2592000
date: Thu, 07 Nov 2024 08:26:27 GMT
server: nginx/1.21.5

GET
H2 200 favicon.ico
www.captiveinsurancetimes.com/ 116 KB
116 KB 157ms
135ms Other
image/x-icon 50.87.101.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.captiveinsurancetimes.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.101.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-101-203.unifiedlayer.com
Software: Apache /
Resource Hash: c1264d66bd3a652e962b57809775d964d64f2b94dbb54eeea9100b6a6b6de9e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Response headers

cache-control: max-age=0
expires: Thu, 07 Nov 2024 08:26:27 GMT
accept-ranges: bytes
content-length: 119118
date: Thu, 07 Nov 2024 08:26:27 GMT
last-modified: Sun, 15 Nov 2020 17:05:10 GMT
content-type: image/x-icon
server: Apache

GET
H2 200 1.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 94 KB
34 KB 23ms
22ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 15133ae5ff02efbc86a0bd917d3237030bee33375bca7fd54bbbcf4599270863

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "d7a63061b425940ed9b2fd8174f45597"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: E782n7CDMuaaG/yQK1o6cUm6f+CH5pfo3qqWdDi8bcKxsImMTuBKetItgTaC4ooLOJpNb0eegwo=
cdn-cachedat: 10/27/2024 12:52:58
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 69b377d84cacfc26a5cd7cfef690957e
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: PBZF3P7Z7F6K0RTE
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 4.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 387 KB
94 KB 22ms
21ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/4.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: f73cc0e6d5d4b2c1934a39aaf9ae6d801ae99f63d3f460b8387a95b998716f93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "ab1845e163f4235afd132b215d0a8757"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: nTZgB+v5GXZWRdTja65JbTO5eGoG0PFzv0VK4JcrQ4rjoI85I7lWasF92raNBTuYHEIUd/fHeRM=
cdn-cachedat: 10/27/2024 12:14:50
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: db6773dc1fd01800c9f5718ac83b1db9
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: 51K78RBT4KVT6RCK
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 7.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 431 KB
113 KB 34ms
33ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/7.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: cb0af6f1ca91c06e2ecc8cd5b82b994f53429cf896941f2fa9cd6a1cdc5bf36b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "dcbcb43fb2c85ed8d158bc730c26d807"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: Qqafbw42Q2QxeTyJT8nG/4VsH12dvlImLaG2BS3t3l2fRTBruyXqtniaIkwhcB63htRVytSovFU=
cdn-cachedat: 10/27/2024 12:14:50
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 5693a6b3b7d57485f3f209c3f7c62064
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: 51KA7751Q541P7MM
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 13.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 5 KB
3 KB 33ms
33ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/13.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: dcb0e32cee3311fcb70997e25d98de4a978767f171c086d8b47f6e5c421d2dd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "0cb6542f78ed13c49d2c1d1138858516"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Mon, 28 Oct 2024 21:51:40 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: YY/RcbovtlaAHy3hLMyJOHWdLbW3rdnMosXwyi9UIwPW5PTf1WDBFN5c4S0gMX3G/xF3yCHezDuAxvFeDRK/mqhlHyk/6F8JZtO7ibeWwSU=
cdn-cachedat: 11/04/2024 23:12:14
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: bb3399df491292d63f0253f99fc0daaa
cdn-pullzone: 1686293
cdn-proxyver: 1.06
x-amz-request-id: K04K529ZC54CK7R4
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 3.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 23 KB
8 KB 31ms
30ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/3.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 4db2380dfa002a12218a2a2c9d42080e2d8302656536d0ec9622b3f30e7f558a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "8cc2b0b1ee9a5774af6abf5dfeee4ff0"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: DDrygYAkuvAn4a3YltP2PQxg8cvZ6QsknNUEDgeLqxImz8cSBabSPPSbkIW3tbZWlLHTuscGfm0=
cdn-cachedat: 10/27/2024 12:14:50
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 79567ca9b110daa29a555c7b20d571f1
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: 51KF7C8X2TAHVYXY
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 9.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 1011 KB
162 KB 31ms
30ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/9.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 3f30eb714c2871a95b8d3f404347dae7b8cc211a3d4b655bb0e1ee580fc90eda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "16671cfd75089970ce942dcee7571f4d"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Mon, 28 Oct 2024 21:51:40 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: UtLk8AwWPrQZYUB5ppK+7EgwTyGJJTsPigv+lX74kgwgm9swIzPZzuReErRPG2Owb2NH1TiY+ow=
cdn-cachedat: 11/05/2024 03:38:41
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: ca6edfd0737e31afbf709248e514d448
cdn-pullzone: 1686293
cdn-proxyver: 1.06
x-amz-request-id: 71KKTZA0ZV5FHBNN
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 0.0b2dcda6cfc6c245c6bb.js Show response
load.sumome.com/ 1 MB
61 KB 25ms
25ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/0.0b2dcda6cfc6c245c6bb.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: ac79003f31814676ee578bd0040084616b7fadf96a3e3de35274bebf3294a218

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "65e5c8085a3ae8f2b6fb2d91f106add6"
date: Thu, 07 Nov 2024 08:26:28 GMT
last-modified: Sun, 27 Oct 2024 12:14:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: qFIRpIepypEE5wDgJRdsspv4cJfH8qSaHN5DKTkUG8iFg+y96XsF09PO8TRjAs2ZYd06wbZRdds=
cdn-cachedat: 10/28/2024 18:40:15
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 6ee2ec0ba0e2df5a0f5c00fb2fa61860
cdn-pullzone: 1686293
cdn-proxyver: 1.05
x-amz-request-id: 7W4VGGM17DK6XHZJ
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 128 B
368 B 826ms
402ms Script
text/javascript 104.19.149.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&callback=jQuery111005674392090174887_1730967988432&_=1730967988433

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.149.92 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fbbfb6f9e6b837bc8f6fe87325aa7da2a2d0100830fea5faaa6c2969cf00776b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cache-control: public, max-age=43200
content-encoding: gzip
cf-cache-status: MISS
etag: W/"80-yxVYezDgnhXmC0s4zthvWpHaaUg"
x-content-type-options: nosniff
cf-ray: 8debf04e1c37dc94-FRA
expires: Thu, 07 Nov 2024 20:26:29 GMT
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
server: cloudflare

GET
H3 200 / Show response
graph.facebook.com/ 251 B
367 B 464ms
115ms Script
text/javascript 157.240.252.10
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&callback=jQuery111005674392090174887_1730967988434&_=1730967988435

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.10 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-01-fra3.facebook.com

Software

Resource Hash

980cbbfa944ff6d5e2c0fc7ec8585748f8ba4d7fef9e3782a0d4c09a1973a4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-fb-trace-id: CAlK9grcbsN
facebook-api-version: v15.0
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Origin
error-mid: 8e68bbe2a47c2fdfd4ab35b0ffaaab39
priority: u=3,i
x-fb-debug: V1fnFjY8gN0UPS9klOGRHSGm2LUTXldFTe4+7cwZMk5W0VXrLEeQ1fqaHpTm0RBQI44sBs6TlqSdK7AuyUZy0Q==
strict-transport-security: max-age=15552000; preload
x-fb-rev: 1018011443
cache-control: no-store
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4668, tp=13, tpl=0, uplat=95, ullat=0
pragma: no-cache
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-request-id: A6hRyKFt6ZO965AFf7SY9iq
access-control-allow-origin: *
content-length: 251

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 522 B
697 B 473ms
50ms Script
text/javascript 2a03:2880:f084:a:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&format=json&callback=jQuery111005674392090174887_1730967988436&_=1730967988437

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:a:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c07f1c30a1eaabe3d80742aa0071505380e534facb92d599d8e24f83360574d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

strict-transport-security: max-age=15552000; preload
x-fb-rev: 1018011443
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
x-fb-trace-id: FTqlw6s1k3z
pragma: no-cache
facebook-api-version: v15.0
x-fb-request-id: A2246P63KVcoKF2VPNeZeLZ
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: *
content-length: 335
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
x-fb-debug: FDSA9ApSdbBAmsWJNChrPniuSwLY9+xs8Ghp6G6yfNv/EwWzQ/PHPBTWAdjz0Drsjgmd1IJU9lJtWwghtUhcWw==

POST rpc
clients6.google.com/ 0
0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 216 B
440 B 805ms
384ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery111005674392090174887_1730967988438&source=6&url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&_=1730967988439

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60ecd00f825631fcc724f4ed249dabc7f53e266f744ce7c0cd80cd30a5286c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cache-control: must-revalidate, max-age=887
content-encoding: br
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: 91e87cb47ac210f9bf24205fa67a8bc6
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 08:41:29 GMT
accept-ranges: none
access-control-allow-origin: *
date: Thu, 07 Nov 2024 08:26:29 GMT
x-pinterest-rid: 1377316915559285
content-type: application/javascript
vary: accept-encoding

GET

button_info.json
www.reddit.com/
Redirect Chain

https://reddit.com/button_info.json?url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F...
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbb...

0
0

GET
H2 200 features Show response
sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/ 3 KB
2 KB 190ms
189ms XHR
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/features?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

52ae2bead6d942b75e5b9a72db391de07ee8532155744ce84681f67143d6e04c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: undefined
Referer: https://www.captiveinsurancetimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
etag: "1340772550"
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

POST
H2 200 services Show response
sumome.com/ 13 KB
3 KB 197ms
195ms XHR
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/services

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

2c41ece742ad49ba1de14222d7596340d596a7bfdbc1af866390fbcd5244737e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: undefined
Referer: https://www.captiveinsurancetimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
H2 200 features Show response
sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/ 3 KB
434 B 377ms
186ms XHR
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/features?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

52ae2bead6d942b75e5b9a72db391de07ee8532155744ce84681f67143d6e04c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: undefined
Referer: https://www.captiveinsurancetimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
etag: "1340772550"
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

OPTIONS
H2 404 rpc
clients6.google.com/ Frame 0
0 550ms
128ms Preflight
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.captiveinsurancetimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1564
content-type: text/html; charset=UTF-8
date: Thu, 07 Nov 2024 08:26:29 GMT
referrer-policy: no-referrer

OPTIONS
H2 204 features
sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/ Frame 0
0 173ms
172ms Preflight 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/features?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-133-229.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://www.captiveinsurancetimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.captiveinsurancetimes.com
access-control-max-age: 2592000
date: Thu, 07 Nov 2024 08:26:29 GMT
server: nginx/1.21.5

OPTIONS
H2 204 features
sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/ Frame 0
0 173ms
173ms Preflight 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4/features?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-133-229.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://www.captiveinsurancetimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.captiveinsurancetimes.com
access-control-max-age: 2592000
date: Thu, 07 Nov 2024 08:26:29 GMT
server: nginx/1.21.5

POST
H/1.1 200
OK jwt Show response
viewlicense.adobe.io/viewsdklicense/ 599 B
1 KB 222ms
221ms Fetch
application/json 18.235.168.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://viewlicense.adobe.io/viewsdklicense/jwt

Requested by

Host: documentservices.adobe.com
URL: https://documentservices.adobe.com/view-sdk/3.27.1_3.2.10-ea8924cb/ViewSDKInterface.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.235.168.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-168-50.compute-1.amazonaws.com

Software

openresty /

Resource Hash

f1efb517f7454e1488f32c39e26ea54de691834fe8fa8d40b69eb8174e29364d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-Key-Pair-Version: v1
Referer: https://www.captiveinsurancetimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: de494da4e07c4496abeaf82fb6d1bfc6

Response headers

x-robots-tag: none
access-control-max-age: 86400
x-request-id: rXbXaaNJm6Y3N3ANMW0aaFXbnp9EwXvJ
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
x-content-type-options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Date: Thu, 07 Nov 2024 08:26:29 GMT
Content-Type: application/json;charset=utf-8
vary: Accept-Encoding, User-Agent
x-server: adobe.viewsdklicense.0.4.31bcce7475a854a3fd8b0a288c7de28041f7f70d
access_control_allow_origin: https://www.captiveinsurancetimes.com
Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
Content-Length: 599
Server: openresty

OPTIONS
H/1.1 200
OK jwt
viewlicense.adobe.io/viewsdklicense/ Frame 0
0 330ms
118ms Preflight 18.235.168.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://viewlicense.adobe.io/viewsdklicense/jwt

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.235.168.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-168-50.compute-1.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key,x-key-pair-version
Access-Control-Request-Method: POST
Origin: https://www.captiveinsurancetimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 07 Nov 2024 08:26:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Request-Id: hUQqPHdAnyjyRNOHWfm9zkAeXthmPp4O
X-Robots-Tag: none
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-api-key,x-key-pair-version
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: https://www.captiveinsurancetimes.com
access-control-max-age: 86400
vary: Accept-Encoding, User-Agent

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H2 200 b1801a730b06202ceb4200f702a16fa9c3eb2511e57f9edb9913990abdd13eb6
media.sumome.com/ 3 KB
3 KB 309ms
19ms Image
application/octet-stream 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumome.com/b1801a730b06202ceb4200f702a16fa9c3eb2511e57f9edb9913990abdd13eb6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 97b12af70f0c0e52126b9ad6dcddb9b2b322f5c9932c8bf93a4a6fba2c0d2804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "637b20153638022dba7ae5f3c0da070c"
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/octet-stream
last-modified: Mon, 30 Oct 2023 20:40:58 GMT
cdn-cachedat: 10/19/2024 19:06:39
cdn-cache: HIT
x-amz-id-2: hdsRfeZ3iiipUQtCXp3Hndxd/QhVqq/xJngm/g0BZ5qx8XUFe3ibw0+Rcd6G25wML33MyQe6soo=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 508601795b85272cf7bd76daf3bf72b1
cdn-pullzone: 1699148
cdn-proxyver: 1.04
x-amz-request-id: 1MB95ZGKZ3TAJQ82
access-control-allow-origin: *
content-length: 2658
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

POST
H2 200 jsonpcallback Show response
sumome.com/api/ 16 B
330 B 179ms
177ms XHR
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.captiveinsurancetimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
content-length: 16
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

POST
H2 200 jsonpcallback Show response
sumome.com/api/ 16 B
330 B 181ms
181ms XHR
application/json 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/1.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.captiveinsurancetimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
access-control-allow-credentials: true
access-control-allow-origin: https://www.captiveinsurancetimes.com
content-length: 16
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 21ms
20ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LRNN1KG9RX&gtm=45je4au0v882972847za200&_p=1730967986027&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1534522826.1730967987&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1730967986&sct=1&seg=0&dl=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&dt=Captive%20Insurance%20Times%20magazine%20issue%20number&en=scroll&epn.percent_scrolled=90&_et=23&tfd=7246
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRNN1KG9RX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.captiveinsurancetimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:31 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 103ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

bc3e9eea2554530340f12ba6ab93173bf99757107400d49e3d246fc280dad2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 08:26:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 07 Nov 2024 08:26:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 101ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

5740229e740ea056650ca9a31014e918556553b32677ad71e30b701fffc9d6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 08:26:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 07 Nov 2024 08:26:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 68 KB
3 KB 102ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

ec1acb7dbf95791cc97fffd8d8c05826eed8faa32aa9c09ac76aa60cd82b3448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 07 Nov 2024 08:26:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 08:26:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 07 Nov 2024 08:04:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 /
sumome.com/api/event/ 2 B
236 B 528ms
177ms Image
text/plain 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumome.com/api/event/?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4&app_id=156085c5-0017-4150-b225-a731ad248f38&shortcut_id=undefined&visitor_id=6728563032d42338f41e05431ff869b24c04634f94a1bd8ee0980c7036255c84&event=popup&href=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&ref=null&cache=0.23190364015852372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
etag: "-684271315"
content-length: 2
date: Thu, 07 Nov 2024 08:26:35 GMT
content-type: text/plain
vary: Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
H2 200 /
sumome.com/api/event/ 2 B
235 B 528ms
178ms Image
text/plain 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumome.com/api/event/?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4&app_id=156085c5-0017-4150-b225-a731ad248f38.58b66135ff7719f813fc41a8e7977c8efeceff61d569792689021871b65a3696&shortcut_id=undefined&visitor_id=6728563032d42338f41e05431ff869b24c04634f94a1bd8ee0980c7036255c84&event=popup&href=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&ref=null&cache=0.7439813505132091

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
etag: "-684271315"
content-length: 2
date: Thu, 07 Nov 2024 08:26:35 GMT
content-type: text/plain
vary: Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
H2 200 /
sumome.com/api/event/ 2 B
235 B 529ms
178ms Image
text/plain 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumome.com/api/event/?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4&app_id=156085c5-0017-4150-b225-a731ad248f38.ac00659436563b7150685c01c1e23bb57487f8eadb7fe2c5e0873efc61b17d37&shortcut_id=undefined&visitor_id=6728563032d42338f41e05431ff869b24c04634f94a1bd8ee0980c7036255c84&event=popup&href=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&ref=null&cache=0.0636732081896354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
etag: "-684271315"
content-length: 2
date: Thu, 07 Nov 2024 08:26:35 GMT
content-type: text/plain
vary: Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
H2 200 /
sumome.com/api/event/ 2 B
235 B 528ms
178ms Image
text/plain 54.148.133.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumome.com/api/event/?site_id=c8a7d5f42249257668f111fdd51f05e7284225e4bec23a27a0bc5f5f31ab2ec4&app_id=156085c5-0017-4150-b225-a731ad248f38.58b66135ff7719f813fc41a8e7977c8efeceff61d569792689021871b65a3696.ac00659436563b7150685c01c1e23bb57487f8eadb7fe2c5e0873efc61b17d37&shortcut_id=undefined&visitor_id=6728563032d42338f41e05431ff869b24c04634f94a1bd8ee0980c7036255c84&event=popup&href=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&ref=null&cache=0.4105812046380095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.133.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-133-229.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
etag: "-684271315"
content-length: 2
date: Thu, 07 Nov 2024 08:26:35 GMT
content-type: text/plain
vary: Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumome.com/ 586 B
1 KB 20ms
20ms Image
image/svg+xml 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumome.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: W/"d9f4d47a979053d418c2bb03066943ba"
access-control-allow-methods: GET
date: Thu, 07 Nov 2024 08:26:34 GMT
last-modified: Mon, 30 Oct 2023 17:42:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: 8/HRDJXrXVs0vOpFSay4vVNzkstnK3dOeNNMvO1987ntw6bdmet4tsY80PXv2XULMU7xuZWm378=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 37e4e02e0e1726620e7a6794aed04f6f
cdn-pullzone: 1699148
cdn-proxyver: 1.04
x-amz-request-id: DJXFZC1HR6KB2211
access-control-allow-origin: *
cdn-cachedat: 10/15/2024 23:25:37
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88 Show response
media.sumome.com/ 586 B
0 21ms
21ms XHR
image/svg+xml 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sumome.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/2.0b2dcda6cfc6c245c6bb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: W/"d9f4d47a979053d418c2bb03066943ba"
access-control-allow-methods: GET
date: Thu, 07 Nov 2024 08:26:34 GMT
last-modified: Mon, 30 Oct 2023 17:42:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: 8/HRDJXrXVs0vOpFSay4vVNzkstnK3dOeNNMvO1987ntw6bdmet4tsY80PXv2XULMU7xuZWm378=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 37e4e02e0e1726620e7a6794aed04f6f
cdn-pullzone: 1699148
cdn-proxyver: 1.04
x-amz-request-id: DJXFZC1HR6KB2211
access-control-allow-origin: *
cdn-cachedat: 10/15/2024 23:25:37
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 73ms
39ms Font
font/woff2 142.250.186.67

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.captiveinsurancetimes.com
Referer: https://fonts.googleapis.com/

Response headers

age: 61093
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:28:21 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 61ms
28ms Font
font/woff2 142.250.186.67

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.captiveinsurancetimes.com
Referer: https://fonts.googleapis.com/

Response headers

age: 48673
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 18:55:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 18:55:21 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 54ms
21ms Font
font/woff2 142.250.186.67

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.captiveinsurancetimes.com
Referer: https://fonts.googleapis.com/

Response headers

age: 61654
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:19:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:19:00 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H2 200 b1801a730b06202ceb4200f702a16fa9c3eb2511e57f9edb9913990abdd13eb6
media.sumome.com/ 3 KB
0 0ms
0ms Image
application/octet-stream 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumome.com/b1801a730b06202ceb4200f702a16fa9c3eb2511e57f9edb9913990abdd13eb6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 97b12af70f0c0e52126b9ad6dcddb9b2b322f5c9932c8bf93a4a6fba2c0d2804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "637b20153638022dba7ae5f3c0da070c"
date: Thu, 07 Nov 2024 08:26:29 GMT
content-type: application/octet-stream
last-modified: Mon, 30 Oct 2023 20:40:58 GMT
cdn-cachedat: 10/19/2024 19:06:39
cdn-cache: HIT
x-amz-id-2: hdsRfeZ3iiipUQtCXp3Hndxd/QhVqq/xJngm/g0BZ5qx8XUFe3ibw0+Rcd6G25wML33MyQe6soo=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 508601795b85272cf7bd76daf3bf72b1
cdn-pullzone: 1699148
cdn-proxyver: 1.04
x-amz-request-id: 1MB95ZGKZ3TAJQ82
access-control-allow-origin: *
content-length: 2658
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

GET
H2 200 4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumome.com/ 586 B
0 0ms
0ms Image
image/svg+xml 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sumome.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.captiveinsurancetimes.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: W/"d9f4d47a979053d418c2bb03066943ba"
access-control-allow-methods: GET
date: Thu, 07 Nov 2024 08:26:34 GMT
last-modified: Mon, 30 Oct 2023 17:42:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: 8/HRDJXrXVs0vOpFSay4vVNzkstnK3dOeNNMvO1987ntw6bdmet4tsY80PXv2XULMU7xuZWm378=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 37e4e02e0e1726620e7a6794aed04f6f
cdn-pullzone: 1699148
cdn-proxyver: 1.04
x-amz-request-id: DJXFZC1HR6KB2211
access-control-allow-origin: *
cdn-cachedat: 10/15/2024 23:25:37
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: NL

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: roxy-palace-canada-520936.evsur.ru
URL: https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Domain: www.reddit.com
URL: https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.captiveinsurancetimes.com%2Fcitimes%2Fissue.php%3Fissuelink%3Dhttps%3A%2F%2Froxy-palace-canada-520936.evsur.ru%2Faqq5e16d740b72d2ab0bbbd%2F5e16d740b72d2ab0bbbd&jsonp=jQuery111005674392090174887_1730967988440&_=1730967988441

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.captiveinsurancetimes.com/	1970-01-21 10:25:27	Name: _ga_LRNN1KG9RX Value: GS1.1.1730967986.1.0.1730967986.0.0.0
www.captiveinsurancetimes.com/	1970-01-21 01:32:39	Name: __smVID Value: 6728563032d42338f41e05431ff869b24c04634f94a1bd8ee0980c7036255c84
.captiveinsurancetimes.com/	1970-01-21 10:25:27	Name: _ga Value: GA1.2.1534522826.1730967987
.captiveinsurancetimes.com/	1970-01-21 00:50:54	Name: _gid Value: GA1.2.2078473729.1730967987
.captiveinsurancetimes.com/	1970-01-21 00:49:28	Name: _gat_gtag_UA_22957950_1 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd Message: Access to XMLHttpRequest at 'https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd' from origin 'https://www.captiveinsurancetimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.captiveinsurancetimes.com/citimes/issue.php?issuelink=https://roxy-palace-canada-520936.evsur.ru/aqq5e16d740b72d2ab0bbbd/5e16d740b72d2ab0bbbd Message: Access to XMLHttpRequest at 'https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ' from origin 'https://www.captiveinsurancetimes.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bufferapp.com
api.facebook.com
clients6.google.com
documentservices.adobe.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
load.sumome.com
media.sumome.com
region1.google-analytics.com
roxy-palace-canada-520936.evsur.ru
sumome.com
viewlicense.adobe.io
widgets.pinterest.com
www.captiveinsurancetimes.com
www.google-analytics.com
www.googletagmanager.com
www.reddit.com
clients6.google.com
roxy-palace-canada-520936.evsur.ru
www.reddit.com
104.19.149.92
142.250.186.67
151.101.64.84
157.240.252.10
18.235.168.50
188.114.97.3
2001:4860:4802:34::36
2001:4860:4802:38::178
2400:52e0:1e00::1079:1
2a00:1450:4001:811::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:827::200e
2a02:26f0:3500:18::1724:a285
2a02:26f0:3500:18::1724:a29a
2a03:2880:f084:a:face:b00c:0:2
50.87.101.203
54.148.133.229
15133ae5ff02efbc86a0bd917d3237030bee33375bca7fd54bbbcf4599270863
228d691d19de5cf4098b2a4689e5c4dfec360d8e4c52faf09ab47f6dbaa83ba0
26aa370a264b357b417feadc97988fd30fbf2d849aabdd92c43a3665b57b0de2
2c41ece742ad49ba1de14222d7596340d596a7bfdbc1af866390fbcd5244737e
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
382d71023af9704dd92aace621712dcb7bf2e88aabbb98fd797b0e75d8ee2e7d
39df846be4584aa515ecd84ac80d116e5f7607b969928f4e302a8840ab3ffa9e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f30eb714c2871a95b8d3f404347dae7b8cc211a3d4b655bb0e1ee580fc90eda
42bda4c552fba6dce31c2b9257bf16610df8f9a6cf5baba7b70199269f0cac65
4db2380dfa002a12218a2a2c9d42080e2d8302656536d0ec9622b3f30e7f558a
52ae2bead6d942b75e5b9a72db391de07ee8532155744ce84681f67143d6e04c
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5740229e740ea056650ca9a31014e918556553b32677ad71e30b701fffc9d6fc
60ecd00f825631fcc724f4ed249dabc7f53e266f744ce7c0cd80cd30a5286c2d
6924bc9f46232547acad6f6b27cc5e40f6d62c8d981799aa3b6a388fd69b8cdd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ae2f6c985bdb3aeaf4c41a48e32657c25ad8cadbdbc5ffc4ecc89ee3f8f0a6
752ea3d7f617221e689454da653a500c58fc352d7b6e29cb445c0598dc8012d1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
8c07f1c30a1eaabe3d80742aa0071505380e534facb92d599d8e24f83360574d
927595e16eb045e76b4643270688f2bc945a6749081fc910c72ca881e635677b
97b12af70f0c0e52126b9ad6dcddb9b2b322f5c9932c8bf93a4a6fba2c0d2804
980cbbfa944ff6d5e2c0fc7ec8585748f8ba4d7fef9e3782a0d4c09a1973a4e5
ac79003f31814676ee578bd0040084616b7fadf96a3e3de35274bebf3294a218
b24085696b3bcc34ae08e0cc5b42b19ad127615a336e118bcbeab8ee0e0c93be
bae6579c4ff712cfd26fa6e34969fe89c422b07610d8dee964c96244b3756938
bc3e9eea2554530340f12ba6ab93173bf99757107400d49e3d246fc280dad2f1
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bfea91100df3720ca14b09323efe8cbd76fbaabac3ec814643eca61fe1209c73
c1264d66bd3a652e962b57809775d964d64f2b94dbb54eeea9100b6a6b6de9e5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb0af6f1ca91c06e2ecc8cd5b82b994f53429cf896941f2fa9cd6a1cdc5bf36b
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c
db8820177a8869607543252d66aac3621714ef249089ff6217c0f055c5b6c7c3
dcb0e32cee3311fcb70997e25d98de4a978767f171c086d8b47f6e5c421d2dd9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df461aa630c4239d910ff2e5d0a10dbb7d5f2f68051a781817bd6b3a9ff84ff0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d610d9f93a669cf5e7d1e81fd9c9b6ab7836c87447b425348ccfd90622cfc4
ec1acb7dbf95791cc97fffd8d8c05826eed8faa32aa9c09ac76aa60cd82b3448
f1efb517f7454e1488f32c39e26ea54de691834fe8fa8d40b69eb8174e29364d
f73cc0e6d5d4b2c1934a39aaf9ae6d801ae99f63d3f460b8387a95b998716f93
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbbfb6f9e6b837bc8f6fe87325aa7da2a2d0100830fea5faaa6c2969cf00776b
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

www.captiveinsurancetimes.com Open in urlscan Pro 50.87.101.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

53 %IPv6

14 Domains

18 Subdomains

17 IPs

4 Countries

1475 kBTransfer

6013 kBSize

5 Cookies

35 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.captiveinsurancetimes.com Open in urlscan Pro
50.87.101.203 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

1475 kB
Transfer

6013 kB
Size

5
Cookies

63 HTTP transactions
8 data transactions