URL: https://aar-insurance.ug/oqu/ncutioerurpd
Submission: On November 29 via api from RU — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 77 HTTP transactions. The main IP is 192.185.92.35, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is aar-insurance.ug.
TLS certificate: Issued by R11 on November 19th 2024. Valid for: 3 months.
This is the only time aar-insurance.ug was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 192.185.92.35 19871 (NETWORK-S...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2a02:6ea0:c40... 60068 (CDN77 Dat...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1f14:5db... 16509 (AMAZON-02)
2 172.66.0.145 13335 (CLOUDFLAR...)
2 162.159.140.147 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
77 12
Apex Domain
Subdomains
Transfer
30 aar-insurance.ug
aar-insurance.ug
313 KB
16 rms.cx
rms.cx
97 KB
9 gstatic.com
fonts.gstatic.com
45 KB
9 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3208
api.userway.org — Cisco Umbrella Rank: 3180
65 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
4 freshchat.com
aarinsurance-ug.freshchat.com
24 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
16 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370
7 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
77 9
Domain Requested by
30 aar-insurance.ug aar-insurance.ug
rms.cx
16 rms.cx aar-insurance.ug
rms.cx
9 fonts.gstatic.com fonts.googleapis.com
8 cdn.userway.org aar-insurance.ug
cdn.userway.org
5 fonts.googleapis.com aar-insurance.ug
rms.cx
4 aarinsurance-ug.freshchat.com aar-insurance.ug
aarinsurance-ug.freshchat.com
1 cdnjs.cloudflare.com rms.cx
1 stackpath.bootstrapcdn.com rms.cx
1 api.userway.org cdn.userway.org
1 www.google.com aar-insurance.ug
77 10
Subject Issuer Validity Valid
*.aar-insurance.ug
R11
2024-11-19 -
2025-02-17
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
www.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
1667503734.rsc.cdn77.org
E6
2024-09-25 -
2024-12-24
3 months crt.sh
rms.cx
WE1
2024-10-04 -
2025-01-02
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
api.userway.org
Amazon RSA 2048 M02
2024-08-02 -
2025-08-31
a year crt.sh
freshchat.com
WE1
2024-10-15 -
2025-01-13
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh

This page contains 4 frames:

Primary Page: https://aar-insurance.ug/oqu/ncutioerurpd
Frame ID: D9989A1F9D4C5B819DED8357F5D4E065
Requests: 71 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=AAR%20Head%20Office&zoom=16
Frame ID: 4BFAA2117B8A2EED6E242FF3EA21D7B1
Requests: 1 HTTP requests in this frame

Frame: https://aarinsurance-ug.freshchat.com/widget/config_iframe.html?host=https://aarinsurance-ug.freshchat.com&token=4f844a80-3329-4de1-94de-c938831bce3c&origin=https://aar-insurance.ug
Frame ID: D793AC5C586B733A368AA660B4FF5130
Requests: 2 HTTP requests in this frame

Frame: https://aarinsurance-ug.freshchat.com/widget/?token=4f844a80-3329-4de1-94de-c938831bce3c&referrer=aHR0cHM6Ly9hYXItaW5zdXJhbmNlLnVn&eagerLoad=true
Frame ID: 14D89D3BABCEC7C27674B75E61C89E31
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Page not found - AAR Insurance Uganda

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

77
Requests

99 %
HTTPS

73 %
IPv6

9
Domains

10
Subdomains

12
IPs

2
Countries

570 kB
Transfer

2027 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ncutioerurpd
aar-insurance.ug/oqu/
307 KB
69 KB
Document
General
Full URL
https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
95b0dcf9a6ff6b96db377ef4e62f1c4a61ade4fc56b36118ffd21a7f1cb76dab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 01:07:32 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://aar-insurance.ug/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Accept-Encoding
tcb-base-css-19-1721111255.css
aar-insurance.ug/wp-content/uploads/thrive/
17 KB
5 KB
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/uploads/thrive/tcb-base-css-19-1721111255.css
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
4814
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Tue, 16 Jul 2024 06:27:35 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.min.css
aar-insurance.ug/wp-includes/css/dist/block-library/
112 KB
21 KB
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Tue, 12 Nov 2024 23:00:04 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.css
aar-insurance.ug/wp-content/themes/thrive-theme/
18 KB
5 KB
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/style.css?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
d0637681fdc0e8a5efebb994dfb20709aeb7894554cbf31493f86a06721f15c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5259
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 04 Nov 2024 10:44:51 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
jquery.min.js
aar-insurance.ug/wp-includes/js/jquery/
86 KB
37 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
jquery-migrate.min.js
aar-insurance.ug/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5422
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
imagesloaded.min.js
aar-insurance.ug/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
2112
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
masonry.min.js
aar-insurance.ug/wp-includes/js/
24 KB
9 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
9216
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
jquery.masonry.min.js
aar-insurance.ug/wp-includes/js/jquery/
2 KB
756 B
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
724
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
general.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
70 KB
29 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
frontend.min.js
aar-insurance.ug/wp-content/themes/thrive-theme/inc/assets/dist/
29 KB
11 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
11429
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 04 Nov 2024 10:44:51 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
css
fonts.googleapis.com/
3 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f126c9c23e36efd1d39996a79913ae93dda6d30a7bc108ac58060bedfbcefdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 01:07:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 01:07:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 01:07:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
12 KB
724 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,500,300,700,800,200,900,400i,500i&subset=latin&display=swap
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2358d1f0d1331ff382cb07d841ed2b03ce1e09e5e0b8a4f4c4fbea872ce4361d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 01:07:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 01:07:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 01:07:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
54 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
55254
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
individualCalculator.js
aar-insurance.ug/customJs/
17 KB
3 KB
Script
General
Full URL
https://aar-insurance.ug/customJs/individualCalculator.js?v=0.2
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
ee1b3b50e58e125a0976100562d05d02e371b3b0ce8f3cddae3e51fdbba12920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
3111
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 04 Nov 2024 13:26:21 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
frontend.min.js
aar-insurance.ug/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/
2 KB
1 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js?ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
1021
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 04 Nov 2024 10:44:52 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
search-form.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
10 KB
3 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=10.3&ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
27755bd63ec28b85ea92db1879e49759b6b6b80682506ff3233ab8e896a34f66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
3304
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
menu.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
15 KB
6 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=10.3&ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
6340
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
social-share.min.js
aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/
6 KB
2 KB
Script
General
Full URL
https://aar-insurance.ug/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=10.3&ver=10.3
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
2504
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 04 Nov 2024 10:43:53 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
d3a90fae-f5f8-4c96-bab8-760dfb81b373
https://aar-insurance.ug/ Frame
0
0

place
www.google.com/maps/embed/v1/ Frame 4BFA
0
0
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=AAR%20Head%20Office&zoom=16
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-6LJL6WyjFkYj85qGWcSKpw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aar-insurance.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1407
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-6LJL6WyjFkYj85qGWcSKpw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 01:07:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2bddf99238a9c38e50c0e788928250de2f4fc54947ae5a4b08639d4c8eba198f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"0195d849e5d3faf21fbcd2fe97863b71"
age
330
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
97_tbNYhlJSBwf2YnFp0dNGWY2PUx2e5bXG0AAcCRoAvGftKKWoeTQ==
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/javascript
last-modified
Wed, 27 Nov 2024 07:48:51 GMT
x-77-nzt-ray
f03d061373d3a3a8d513496729b9810a
vary
Accept-Encoding
x-77-nzt
EgwBT3/O6QH3fQIAAAwBnJI73wG3AAAAAA
cache-control
max-age=3600, public
via
1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
637
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
amplify.js
rms.cx/js/feedbackWidget/
8 KB
3 KB
Script
General
Full URL
https://rms.cx/js/feedbackWidget/amplify.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced5776e7f2c4337bc405be205da8f8022b56d3689884b415530ec4b254e2dcf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"20e9-61434818c0a41-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpvlr5Kfz%2BR6pg%2FqZIUTXo5ndyOAjeD42rR1npsL2%2BTqkfsD2gZis%2BtirH%2FPyRIsAtS%2Bdvkk6Moch%2BhqCZwTnwPyHGIQO0Ntx7gUUsZhQtJo82P4HMCL%2B%2F5PGpT2BIKiH%2FFVGWY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20722&min_rtt=20571&rtt_var=3425&sent=16&recv=11&lost=0&retrans=0&sent_bytes=8320&recv_bytes=4616&delivery_rate=606&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=306&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/javascript
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb394a99f7c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2409
x-xss-protection
1; mode=block
server
cloudflare
ug-flag.png
aar-insurance.ug/wp-content/uploads/2024/02/
7 KB
7 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/ug-flag.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
f1863e242bf49a7d386930cf129a728433c28ac115fa27ccd0d93a10f4d18e27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
6819
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 24 Jun 2024 11:15:53 GMT
content-type
image/png
server
Apache
ke-flag.png
aar-insurance.ug/wp-content/uploads/2024/02/
9 KB
9 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/ke-flag.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
a78e436c0cd0c6caab9bec366b4bcf70c4847b8fae764a22a1f6cd86d2b9f0cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
8878
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
tab-bg.png
aar-insurance.ug/wp-content/uploads/2024/02/
20 KB
20 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/tab-bg.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
305141fc52111c9475899aa4947ffbcd3469fddfc687b9bda96b56e76b5777e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
20820
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b17c5b4b44f178de758b2708d85e677f5ee43ba2ba4b69c094873bb23c0ce88f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
132240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 12:23:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 12:23:33 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
58981
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 08:44:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 08:44:32 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
204011
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 16:27:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 16:27:22 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
404-6.png
aar-insurance.ug/wp-content/uploads/thrive-theme/images/
6 KB
6 KB
Image
General
Full URL
https://aar-insurance.ug/wp-content/uploads/thrive-theme/images/404-6.png
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
9b06b10faafedacaf9be8b0a2aa7ec35a8355e724e93f463d9f61fbeb561a719

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
5757
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 24 Jun 2024 11:15:53 GMT
content-type
image/png
server
Apache
main.js
rms.cx/js/feedbackWidget/
11 KB
4 KB
Script
General
Full URL
https://rms.cx/js/feedbackWidget/main.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27531546037212c65953b480ef6d7cc60a9bbc0ca5abcef81341cf876929a6ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2d64-626b8e1f69ade-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NX%2F%2BglH%2B%2F7%2FwGVZu0K44%2F052AQ1WwjXcUiJzJIqfy6MHIBk27ddN8y4rN6Mq9b5mQwfqNG934LKaPJFTPHO1w%2FSuObdP6iTufrEUQDMPC%2FvKejzc54IDWNgJ5LUTLrPLVgQwXS0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20722&min_rtt=20571&rtt_var=3425&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4200&recv_bytes=4616&delivery_rate=606&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=291&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:29:27 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb394a99e7c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3211
x-xss-protection
1; mode=block
server
cloudflare
wp-emoji-release.min.js
aar-insurance.ug/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://aar-insurance.ug/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5365
date
Fri, 29 Nov 2024 01:07:33 GMT
last-modified
Mon, 24 Jun 2024 11:15:50 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
search
aar-insurance.ug/wp-json/iawp/
16 B
395 B
Ping
General
Full URL
https://aar-insurance.ug/wp-json/iawp/search
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/json; charset=UTF-8
vary
Origin,Accept-Encoding
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://aar-insurance.ug/wp-json/>; rel="https://api.w.org/"
access-control-allow-credentials
true
allow
POST
x-iawp
iawp
access-control-allow-origin
https://aar-insurance.ug
content-length
36
server
Apache
widget_app_base_1732693503366.js
cdn.userway.org/widgetapp/2024-11-27-07-45-03/
130 KB
41 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d12f6dea4753a8d25537214864460bb650cf9d8bec240f67b95da6d1563f392

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"30fb9e88721ef36ad84077dcc7464c33"
age
330
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
PgGgYkauV8B6qF94HGPN9HFqLvwzdEgnGHsu5G1myUXRrZJxtBDksQ==
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/javascript
last-modified
Wed, 27 Nov 2024 07:48:37 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061393c900add51349679e6bfc12
x-77-nzt
EgwBT3/O6QH3NUMCAAwBnJI74gG3AQAAAA
cache-control
max-age=25920000, public
via
1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148277
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
0SIDUIMm1H
api.userway.org/api/tunings/
281 B
667 B
XHR
General
Full URL
https://api.userway.org/api/tunings/0SIDUIMm1H
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:b044:ff97:2d00:cb11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c3235f4616d8236095a95593d96608c62559664401ba70e9bda45a905b454c39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usr96d7f4081a56469
etag
W/"119-SmTJ0UhYtk5OWZT/4H/dtWtTNDg"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
281
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
getWidgetSettings
rms.cx/ Frame
0
0
Preflight
General
Full URL
https://rms.cx/getWidgetSettings
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aar-insurance.ug
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin
*
allow
POST
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e9eb3967be37c9c-EWR
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 01:07:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waqb9bRtY%2FTMgm%2BPyEQRpWnFmHYxIkJvkBNktA0igYXy78O%2Fll3PJf5MHOD%2FGDzmk1fYSpGgfUuRu%2FJfpgd1H0PGc6Qei%2FLly6j19M8DjUOo80D%2FrNXbeaRP1HOZee7U4UJ9bwo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23664&min_rtt=20178&rtt_var=6447&sent=23&recv=18&lost=0&retrans=0&sent_bytes=13393&recv_bytes=5709&delivery_rate=6335&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=681&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options
nosniff
x-powered-by
PHP/7.2.29
x-xss-protection
1; mode=block
getWidgetSettings
rms.cx/
381 B
2 KB
Fetch
General
Full URL
https://rms.cx/getWidgetSettings
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
6ecbd1f41be704782ab8237a33a591c13ada90966d3217133f3aa237a40a3c2c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELhp5b35eA%2Fq2b5b%2BdAEDDkkT0aNSmhZt5EwzXUsQASGcDsA%2FbPMBB6V6m0bWTaP8XAFnfStgssvm1HVCjuh7nUyvc9Jyv79qYYKA7VnNMdGGG1XQCkAHqS6GjxlysWJG5umMpc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24239&min_rtt=20178&rtt_var=6112&sent=29&recv=22&lost=0&retrans=0&sent_bytes=15090&recv_bytes=6460&delivery_rate=24694&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=931&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb398eedd7c9c-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-powered-by
PHP/7.2.29
server
cloudflare
amplify.css
rms.cx/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://rms.cx/css/amplify.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/amplify.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"a6a-61434818a0e71-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdL0Q%2Fd3KR6455MKXkZfIrvd7wVUQtxiOa1Y417Ik14ND41Xfuxi86r2yqOJV0n4BXDyg3kMuYHlHnoOTHY%2BNfgDqB1HcyCPYKa4su9pkS%2FJ1ephEr5RxqIr8eUpCXzoex6qcEo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24137&min_rtt=20178&rtt_var=7337&sent=21&recv=17&lost=0&retrans=0&sent_bytes=11627&recv_bytes=5666&delivery_rate=365728&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=597&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
text/css
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb3969c0a7c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
948
x-xss-protection
1; mode=block
server
cloudflare
getWidgetSettings
rms.cx/
2 KB
2 KB
Fetch
General
Full URL
https://rms.cx/getWidgetSettings
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/amplify.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
a27c55abb43fe97dc00ad8dd3fb103c92d35abdc674ad260a5fa2e3cff55ea9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45udtxAw27Rc8%2FGwCKKkmusU8DJhyhVuOOBe5WDakdZDCi8z0gnw3j0HqhWeYEM653XCVfPYZZ6wZ0BoFAcH3eAiKSwog2ueepH6pX8CsFtPWnrwTgPgeNSP3IZwWrulyf5BCEA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23736&min_rtt=20178&rtt_var=5589&sent=32&recv=26&lost=0&retrans=0&sent_bytes=16709&recv_bytes=7487&delivery_rate=7452&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=1040&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb3991f1c7c9c-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-powered-by
PHP/7.2.29
server
cloudflare
getWidgetSettings
rms.cx/ Frame
0
0
Preflight
General
Full URL
https://rms.cx/getWidgetSettings
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aar-insurance.ug
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-origin
*
allow
POST
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e9eb3969c087c9c-EWR
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 01:07:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FbDQy9dWgCJm9h4rVwdGFetYstIc9OnbVe7LFD2oxJkPE3lJMwks%2FNNEtzLzKFYTyQJuGu8h0eVCTfK26ZiDrCwaetIhmrtVZtdBziI%2BDHwwimZH%2Bx%2FyPXnlAUATi5TpaWcDEs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23282&min_rtt=20178&rtt_var=5599&sent=26&recv=20&lost=0&retrans=0&sent_bytes=14243&recv_bytes=6072&delivery_rate=36646&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=710&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options
nosniff
x-powered-by
PHP/7.2.29
x-xss-protection
1; mode=block
en-GB.json
cdn.userway.org/widgetapp/2024-11-27-07-45-03/locales/
607 B
943 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/locales/en-GB.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"971644f50e2020e1ff22e37edcad46f6"
age
33
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
A_cGcWO2lBtwlprcvc4wFQw36vr0kZAPYLk--DDFgaoRh3Q00SkTaA==
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
application/json
last-modified
Wed, 27 Nov 2024 07:48:35 GMT
x-77-nzt-ray
f03d061393c900add51349677e09492d
vary
Accept-Encoding
x-77-nzt
EgwBT3/O6QH3m0ICAAwBnJI73wG3mAAAAA
cache-control
max-age=25920000, public
via
1.1 eef964f7ded2584b0acfd4f410d14ff2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148123
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget.js
aarinsurance-ug.freshchat.com/js/
67 KB
22 KB
Script
General
Full URL
https://aarinsurance-ug.freshchat.com/js/widget.js
Requested by
Host: aar-insurance.ug
URL: https://aar-insurance.ug/oqu/ncutioerurpd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b2c8dbf9946747895038b615829c37a565d25cbc013222cb6af76c3a3fcf30
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

x-request-id
9c75bb9a-9817-4881-b83c-1f3f9b4a52b5
content-encoding
gzip
x-fw-ratelimiting-managed
false
cf-cache-status
REVALIDATED
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
expires
Fri, 29 Nov 2024 05:07:34 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 08:26:10 GMT
x-server
5b5zf
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=14400
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
1
x-trace-id
00-fc390074bddebb2bf7a0ae7c6a6b362e-14d6c2763f49c2dd-00
cf-ray
8e9eb3995fe5429b-EWR
x-xss-protection
1; mode=block
server
cloudflare
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
55254
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
55254
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
config_iframe.html
aarinsurance-ug.freshchat.com/widget/ Frame D793
0
0
Document
General
Full URL
https://aarinsurance-ug.freshchat.com/widget/config_iframe.html?host=https://aarinsurance-ug.freshchat.com&token=4f844a80-3329-4de1-94de-c938831bce3c&origin=https://aar-insurance.ug
Requested by
Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aar-insurance.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
cf-cache-status
DYNAMIC
cf-ray
8e9eb39afe7f41f5-EWR
content-encoding
br
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Fri, 29 Nov 2024 01:07:34 GMT
last-modified
Fri, 22 Nov 2024 08:26:10 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
cloudflare
strict-transport-security
max-age=0
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
81d4eebb-9312-4768-930e-d3214607d5ea
x-server
665c2
x-trace-id
00-ef4e3e58f8991092be31db7ec2c6b866-5518facee76dad2d-00
x-xss-protection
1; mode=block
select2.min.js
rms.cx/node_modules/select2/dist/js/
66 KB
20 KB
Script
General
Full URL
https://rms.cx/node_modules/select2/dist/js/select2.min.js
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"10964-613eb70838a17-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ze3r0SFWcjk35SrwDkHiw88Kq3sJrc20Bn6o0LZv4NWm1D6JqZ7dgjCdX%2Fskz7f%2BpcQKlqtePJXdSr3%2Bo8rDUSJ%2BnfiRoC0cWHJ%2Fh9lR9anpGMisQYepn9yHDXtux%2Bet9XH9dPg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24423&min_rtt=21295&rtt_var=5087&sent=27&recv=16&lost=0&retrans=0&sent_bytes=20150&recv_bytes=5582&delivery_rate=246711&cwnd=12000&unsent_bytes=0&cid=75b0630fa1b97ce9&ts=395&x=1", cfExtPri, cfHdrFlush;dur=7
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
application/javascript
last-modified
Mon, 18 Mar 2024 08:49:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39b0aae42ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
19405
x-xss-protection
1; mode=block
server
cloudflare
fontawesome.js
rms.cx/js/includes/
68 KB
20 KB
Script
General
Full URL
https://rms.cx/js/includes/fontawesome.js
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fda2d5db7a83e236929188ddf0aa073794bbcc16196a32bea3157816b286e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"10edc-61434818c0a41-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRobEbC37hl9VVKQBo%2Ftk%2BqjC%2FkmKWkxUmuL05YhoAjiziZ%2FV88XMXx%2BatcqOrUk7a3QPTUsrNYmnGKsZ3gw8%2FHLW6rhRhka3pLmkY2%2FhDZLZhtcoBXRvENkCEIk5%2FjGAfyYfmo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24423&min_rtt=21295&rtt_var=5087&sent=17&recv=16&lost=0&retrans=0&sent_bytes=8150&recv_bytes=5582&delivery_rate=246711&cwnd=12000&unsent_bytes=0&cid=75b0630fa1b97ce9&ts=380&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
application/javascript
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39b0aaf42ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
19704
x-xss-protection
1; mode=block
server
cloudflare
form.js
rms.cx/js/customFunctions/
77 KB
17 KB
Script
General
Full URL
https://rms.cx/js/customFunctions/form.js
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d0d2fae9bd071921ab3ae63b38f40bc05eab5f55138cce5b6c3e8a9fb06366
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://rms.cx/js/feedbackWidget/main.js

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"135d5-626b8e1f69ade-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASxdNgYXOMpptc%2FGzdb9mjqMjzXJeLD6Q97iXAx900GL3x%2BWfycxw6vHS0PnLftwdU45sZhpK2BA4ZlfNvY%2F88wEfaHAMV0Tr24XlOM5eeEQC1UmjjDJStwrE6DF6CqVvF181pw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22205&min_rtt=20178&rtt_var=2389&sent=42&recv=32&lost=0&retrans=0&sent_bytes=25380&recv_bytes=7747&delivery_rate=318135&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=1337&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:29:27 GMT
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39a99937c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16624
x-xss-protection
1; mode=block
server
cloudflare
feedbackWidget.css
rms.cx/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://rms.cx/css/feedbackWidget.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb0205fbea18b821bee2cf065484e4f237f6c6f80aa70aba68ccb72f5eb5c4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2f89-61434818a0e71-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XN%2BMmKg3t%2FwuNifi7upnfRAngAJybXhw%2B9yEdOI6XJmKV5ABFpkIRzHbxP0hxPaF3rcX6OOZHnji%2BH9C2wGVOfddGzMuWKT54SOnLkREgLK9MkJl%2FSYU4P3dsQwi7HE%2BTpJMYkg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23087&min_rtt=20178&rtt_var=4234&sent=35&recv=28&lost=0&retrans=0&sent_bytes=18832&recv_bytes=7574&delivery_rate=25977&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=1245&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39a99947c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2824
x-xss-protection
1; mode=block
server
cloudflare
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 01:07:34 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/07/2024 01:04:57
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
57540ad83c3da9e4be4ddf2b15e49a00
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8e9eb39b1841c347-EWR
access-control-allow-origin
*
cdn-edgestorageid
871
server
cloudflare
cdn-requestcountrycode
US
select2.min.css
rms.cx/node_modules/select2/dist/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://rms.cx/node_modules/select2/dist/css/select2.min.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/feedbackWidget/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"3b4c-613eb70838a17-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBigOjGk3vrHPUP9Vt4AC%2BiAyuLhxm6IK%2FUjU3wE5PweqZ0TwtSxJsddbZTwBw2KuKORNmyMkA5lCE1nztWwPO005yOMT7pciPhJtP8awRssg%2BFO%2FFTgsjuQtIsOVasWCA8ENbs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23087&min_rtt=20178&rtt_var=4234&sent=39&recv=28&lost=0&retrans=0&sent_bytes=22530&recv_bytes=7574&delivery_rate=25977&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=1246&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css
last-modified
Mon, 18 Mar 2024 08:49:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39a99967c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2005
x-xss-protection
1; mode=block
server
cloudflare
Speechbubble.png
rms.cx/images/
16 KB
17 KB
Image
General
Full URL
https://rms.cx/images/Speechbubble.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b992d3b2a54995c7cd3b2bd12712f1ac692ebd7ec2f37b5454f32b9832ee863
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cache-status
MISS
etag
"40ce-61434818b1fe1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ST5pMD4DXJ%2Fb5yX%2BkRj9Ktm5scz92JyriBDxF%2FGhMAXv6U8nInGVtQt1HM0F%2FRapni8KeIPELcJ1j1xSyz%2BERroWAZatAwbwBD2F%2Bqoi8sgOBb5WqdAdZpc12Nvsci2axQ0NA70%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24423&min_rtt=21295&rtt_var=5087&sent=27&recv=16&lost=0&retrans=0&sent_bytes=20150&recv_bytes=5582&delivery_rate=246711&cwnd=12000&unsent_bytes=0&cid=75b0630fa1b97ce9&ts=395&x=1", cfExtPri, cfHdrFlush;dur=7
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
image/png
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39b0ab042ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16590
x-xss-protection
1; mode=block
server
cloudflare
remediation-tool-free.js
cdn.userway.org/remediation/2024-11-27-07-45-03/free/
32 KB
13 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-11-27-07-45-03/free/remediation-tool-free.js?ts=1732693503366
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"5deb9c2444f05f1810d5a32d3059f8ec"
age
234
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
KDUt_TyFRAICoisNmw0GCVAQ93z0MTmFY-nMlhQrsMffXR64HkYtBg==
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
application/javascript
last-modified
Wed, 27 Nov 2024 07:48:48 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061393c900add6134967a35dba0f
x-77-nzt
EgwBT3/O6QH3NUMCAAwBnJI76AG3YAAAAA
cache-control
max-age=25920000, public
via
1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148277
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-11-27-07-45-03/
30 KB
5 KB
Stylesheet
General
Full URL
https://cdn.userway.org/styles/2024-11-27-07-45-03/widget_base.css?v=1732693503366
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"35af998bd342763044abead4df839374"
age
314
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
WvExiqX_jPqnMJooSUrd_Oi0PsmW4pQF2rpIhDN3nnjMJCUIJMJZ2g==
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css
last-modified
Wed, 27 Nov 2024 07:47:53 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061373d3a3a8d6134967eaf4d40f
x-77-nzt
EgwBT3/O6QH3NUMCAAwBuTvfFAG3EAAAAA
cache-control
max-age=864000, public
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148277
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-11-27-07-45-03/ Frame D793
30 KB
0
Stylesheet
General
Full URL
https://cdn.userway.org/styles/2024-11-27-07-45-03/widget_base.css?v=1732693503366
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"35af998bd342763044abead4df839374"
age
314
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
WvExiqX_jPqnMJooSUrd_Oi0PsmW4pQF2rpIhDN3nnjMJCUIJMJZ2g==
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css
last-modified
Wed, 27 Nov 2024 07:47:53 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061373d3a3a8d6134967eaf4d40f
x-77-nzt
EgwBT3/O6QH3NUMCAAwBuTvfFAG3EAAAAA
cache-control
max-age=864000, public
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148277
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
star.svg
rms.cx/images/amplify/
684 B
1 KB
Image
General
Full URL
https://rms.cx/images/amplify/star.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20e0da8a685df520e1f353026a43062020285b5eb4989fc619fb47933df6787
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2ac-61434818b46f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umSkws0WN8BcxLxAb%2BaplHdiWO0NNO8M6EhYS%2BjwTQgFWK7nglZhvUGbdfAIUtMznLd9pcGxz4ZxfGnN6urKgdNsrGGT6TqcntOqnVBrocyishwqt6i4ceU0MG%2FdjE%2FzD7jv%2FzQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23894&min_rtt=21295&rtt_var=6378&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6961&recv_bytes=5452&delivery_rate=590&cwnd=12000&unsent_bytes=0&cid=75b0630fa1b97ce9&ts=314&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39b3ac342ea-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
rms.png
rms.cx/images/amplify/
3 KB
4 KB
Image
General
Full URL
https://rms.cx/images/amplify/rms.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33105fe477cfdd284f7bd48c61ad6e0ab4e3d0037f20a03f5f5ca2cdc52b1f77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cache-status
REVALIDATED
etag
"d1b-61434818b46f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m773KwqbgvOMeO2s5o226UXGavUmRrN3izpr%2FZ7GU1nA2B%2FN5qSnN8OObAJEWxTQAQTPIUpDmF4npqkXKS90o1sB7C%2F9bmZjyCXviVYtV0U6mmCeVnXIp%2B%2Bn1BF6vnIPcNMx%2B%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23894&min_rtt=21295&rtt_var=6378&sent=12&recv=13&lost=0&retrans=0&sent_bytes=2701&recv_bytes=5452&delivery_rate=590&cwnd=12000&unsent_bytes=0&cid=75b0630fa1b97ce9&ts=312&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
image/png
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb39b3ac442ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3355
x-xss-protection
1; mode=block
server
cloudflare
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
42436
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 13:20:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 13:20:18 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
wheel_right_bl.svg
cdn.userway.org/widgetapp/images/
3 KB
2 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/wheel_right_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"66e207a98020ce81d086e97f22a4833c"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
RWTfD8bz4DS_V3M-XiPOoL03zngmeWKxMBPjSrOuIgPJNUjOH5kb4Q==
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
image/svg+xml
x-77-nzt-ray
f03d061373d3a3a8d6134967038df312
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 07:48:38 GMT
x-77-nzt
EgwBT3/O6QH3BEMCAAwBnJI76AG3MgAAAA
cache-control
max-age=25920000, public
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148228
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
spin_bl.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"f1006e80919a554a181eeffcb6b3e381"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
1Yv0vFVEbpjJbmTi5BmcHFm9YP7-tKGug_Chojs5NnVGOVrhi55_wg==
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
image/svg+xml
x-77-nzt-ray
f03d061373d3a3a8d613496744d2f612
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 07:48:38 GMT
x-77-nzt
EgwBT3/O6QH3M0MCAAwBWbuxDAG3AwAAAA
cache-control
max-age=25920000, public
via
1.1 edb4467fad6c19f876564012471f929a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
148275
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/
3 KB
755 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Requested by
Host: rms.cx
URL: https://rms.cx/css/feedbackWidget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
341ebdce02a1c8af36a43925b8b28c6fed61987a86016c4fb71c3a6a3e745b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rms.cx/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 01:07:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 01:07:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
116876
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 16:39:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 16:39:38 GMT
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14780
x-xss-protection
0
server
sffe
tcb-base-css-19-1721111255.css
aar-insurance.ug/wp-content/uploads/thrive/
17 KB
0
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/uploads/thrive/tcb-base-css-19-1721111255.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
4814
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Tue, 16 Jul 2024 06:27:35 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.min.css
aar-insurance.ug/wp-includes/css/dist/block-library/
112 KB
0
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-encoding
gzip
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Tue, 12 Nov 2024 23:00:04 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.css
aar-insurance.ug/wp-content/themes/thrive-theme/
18 KB
0
Stylesheet
General
Full URL
https://aar-insurance.ug/wp-content/themes/thrive-theme/style.css?ver=10.3
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
d0637681fdc0e8a5efebb994dfb20709aeb7894554cbf31493f86a06721f15c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
5259
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 04 Nov 2024 10:44:51 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
css
fonts.googleapis.com/
3 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f126c9c23e36efd1d39996a79913ae93dda6d30a7bc108ac58060bedfbcefdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 01:07:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 01:07:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 01:07:32 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
12 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,500,300,700,800,200,900,400i,500i&subset=latin&display=swap
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2358d1f0d1331ff382cb07d841ed2b03ce1e09e5e0b8a4f4c4fbea872ce4361d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 01:07:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 01:07:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 01:07:32 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
amplify.css
rms.cx/css/
3 KB
0
Stylesheet
General
Full URL
https://rms.cx/css/amplify.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bc9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://aar-insurance.ug/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"a6a-61434818a0e71-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdL0Q%2Fd3KR6455MKXkZfIrvd7wVUQtxiOa1Y417Ik14ND41Xfuxi86r2yqOJV0n4BXDyg3kMuYHlHnoOTHY%2BNfgDqB1HcyCPYKa4su9pkS%2FJ1ephEr5RxqIr8eUpCXzoex6qcEo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24137&min_rtt=20178&rtt_var=7337&sent=21&recv=17&lost=0&retrans=0&sent_bytes=11627&recv_bytes=5666&delivery_rate=365728&cwnd=12000&unsent_bytes=0&cid=25538afc300d5fcf&ts=597&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 01:07:33 GMT
content-type
text/css
last-modified
Fri, 22 Mar 2024 00:00:04 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-security-policy
upgrade-insecure-requests
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9eb3969c0a7c9c-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
948
x-xss-protection
1; mode=block
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/
87 KB
16 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
Requested by
Host: rms.cx
URL: https://rms.cx/js/customFunctions/form.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"620188b3-3b90"
age
282115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9AbORKp%2B3HiM63KHr1KAJIg4Zjgg6Po6GwNse0bwltQAAAcJNzuQYhb4JGF5zjX4u0PZT0uxKFWpUT6SsULiuOsBXQu5NpqWjzixrdYueXkF%2Ffx6u%2FQNhu26lGHyD1DiH7h8v6BynRS%2FdEhUOztAlpT"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 01:07:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Feb 2022 21:01:39 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9eb39ded604366-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
15248
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
58981
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 08:44:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 08:44:32 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
42436
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 13:20:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 13:20:18 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
204011
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 16:27:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 16:27:22 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,500&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://aar-insurance.ug
Referer
https://fonts.googleapis.com/

Response headers

age
132240
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 12:23:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 12:23:33 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
55254
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache
/
aarinsurance-ug.freshchat.com/widget/ Frame 14D8
0
0
Document
General
Full URL
https://aarinsurance-ug.freshchat.com/widget/?token=4f844a80-3329-4de1-94de-c938831bce3c&referrer=aHR0cHM6Ly9hYXItaW5zdXJhbmNlLnVn&eagerLoad=true
Requested by
Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.140.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aar-insurance.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
cf-cache-status
DYNAMIC
cf-ray
8e9eb39df92842d7-EWR
content-encoding
br
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Fri, 29 Nov 2024 01:07:34 GMT
last-modified
Fri, 22 Nov 2024 08:26:10 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
priority
u=0,i
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=0
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
46e18455-6d0d-4554-8396-1e6cbc2dbfb4
x-server
665c2
x-trace-id
00-b0335e9cdbbb11da4b4fc89d8a1e3ebf-f7131872cdb5a0ff-00
x-xss-protection
1; mode=block
widget.css
aarinsurance-ug.freshchat.com/widget/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://aarinsurance-ug.freshchat.com/widget/css/widget.css?t=1732842454685
Requested by
Host: aarinsurance-ug.freshchat.com
URL: https://aarinsurance-ug.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/

Response headers

x-request-id
71bfd963-930a-449e-921b-42afc0941e60
content-encoding
gzip
x-fw-ratelimiting-managed
false
cf-cache-status
MISS
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
expires
Sat, 29 Nov 2025 01:07:34 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 01:07:34 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 08:26:10 GMT
x-server
665c2
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
1
x-trace-id
00-e693be652532664a86d8ba22fbfb57c8-d0a9e01b89c1aa6a-00
cf-ray
8e9eb39ddd61429b-EWR
x-xss-protection
1; mode=block
server
cloudflare
aar-logo-1.png
aar-insurance.ug/wp-content/uploads/2024/02/
54 KB
0
Other
General
Full URL
https://aar-insurance.ug/wp-content/uploads/2024/02/aar-logo-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.92.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-92-35.unifiedlayer.com
Software
Apache /
Resource Hash
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://aar-insurance.ug/oqu/ncutioerurpd

Response headers

accept-ranges
bytes
content-length
55254
date
Fri, 29 Nov 2024 01:07:32 GMT
last-modified
Mon, 24 Jun 2024 11:15:52 GMT
content-type
image/png
server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aar-insurance.ug
URL
blob:https://aar-insurance.ug/d3a90fae-f5f8-4c96-bab8-760dfb81b373

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| flatStyles function| lightspeedOptimizeStylesheet function| lightspeedOptimizeFlat object| _wpemojiSettings function| jQuery function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| tve_frontend_options object| ThriveGlobal object| TCB_Front function| tve_is_email object| thrive_front_localize object| ThriveTheme function| initFreshChat function| initialize function| initiateCall object| tve_dash_front object| TVE_Dash object| tcb_current_post_lists object| tcb_post_lists object| TL_Const object| UserWayWidgetApp object| twemoji object| wp function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| getUserwaySupportedLanguage string| SITE_LANGUAGE_FROM_SCRIPT function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway object| rmsFinalQuestionList object| rmsFinalQuestionList2 object| rmsAnswers string| rmsSurveyColor string| rmsPost object| rmsSettings string| rmsSource function| changeInnerHTML function| openModal function| closeModal function| closeSurvey function| loadingS function| getSurvey function| postData function| includejQuery function| loadSwiper function| getIcon function| loadGrid function| loadCaurosel function| loadPopup function| closePopup function| nextReview function| prevReview function| showMore function| rmsReviewText function| rmsReveal function| setupCarousel object| fcWidget object| setting function| rmsJquery object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| saveEmotion function| saveDropDown function| saveMultiChoice function| changeColorsOpinon function| saveOpinionScale function| questionSwitch function| saveFreetxt function| saveMultiChoiceChat function| selectRmsTag object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome

1 Cookies

Domain/Path Name / Value
.freshchat.com/ Name: __cf_bm
Value: 8.i1PaNJh5ypi03nDa11gm3wbmPgeYrwuIC4qMMQ8OU-1732842455-1.0.1.1-cCSrRztgaQ3ye_bLSP9K4vH3vmxFaLIxO_9ysXAW_EdRiFEuKKyg8H43_an.ZGICyBs.mFiB6MznkdPqw5tSuw

1 Console Messages

Source Level URL
Text
network error URL: https://aar-insurance.ug/oqu/ncutioerurpd
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aar-insurance.ug
aarinsurance-ug.freshchat.com
api.userway.org
cdn.userway.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
rms.cx
stackpath.bootstrapcdn.com
www.google.com
aar-insurance.ug
162.159.140.147
172.66.0.145
192.185.92.35
2600:1f14:5db:eb22:b044:ff97:2d00:cb11
2606:4700:3037::ac43:bc9c
2606:4700::6811:190e
2606:4700::6812:bcf
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81c::2004
2607:f8b0:4006:823::2003
2a02:6ea0:c400::54
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9
1a8bb4139e0f6ee55d784514b3e71b24056668c5589b2e0cd34e2e6c48666b0b
1c81f80d3878013d5dc66616ca3c21f085d4af6b0b076b0b149acef05da7a14e
1f94d0cbf3826993461ee390a416e209ef7b432354bc6abeb7a6c6506ae40f2b
2358d1f0d1331ff382cb07d841ed2b03ce1e09e5e0b8a4f4c4fbea872ce4361d
27531546037212c65953b480ef6d7cc60a9bbc0ca5abcef81341cf876929a6ad
27755bd63ec28b85ea92db1879e49759b6b6b80682506ff3233ab8e896a34f66
2bddf99238a9c38e50c0e788928250de2f4fc54947ae5a4b08639d4c8eba198f
305141fc52111c9475899aa4947ffbcd3469fddfc687b9bda96b56e76b5777e8
30fda2d5db7a83e236929188ddf0aa073794bbcc16196a32bea3157816b286e9
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
33105fe477cfdd284f7bd48c61ad6e0ab4e3d0037f20a03f5f5ca2cdc52b1f77
341ebdce02a1c8af36a43925b8b28c6fed61987a86016c4fb71c3a6a3e745b50
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3f126c9c23e36efd1d39996a79913ae93dda6d30a7bc108ac58060bedfbcefdd
4b992d3b2a54995c7cd3b2bd12712f1ac692ebd7ec2f37b5454f32b9832ee863
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
6e81dc023cf71ceb8574561fd753db1838e6982eea79d3a6b08f0a88807574c0
6ecbd1f41be704782ab8237a33a591c13ada90966d3217133f3aa237a40a3c2c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e
89b2c8dbf9946747895038b615829c37a565d25cbc013222cb6af76c3a3fcf30
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95b0dcf9a6ff6b96db377ef4e62f1c4a61ade4fc56b36118ffd21a7f1cb76dab
9b06b10faafedacaf9be8b0a2aa7ec35a8355e724e93f463d9f61fbeb561a719
9d12f6dea4753a8d25537214864460bb650cf9d8bec240f67b95da6d1563f392
a27c55abb43fe97dc00ad8dd3fb103c92d35abdc674ad260a5fa2e3cff55ea9a
a78e436c0cd0c6caab9bec366b4bcf70c4847b8fae764a22a1f6cd86d2b9f0cf
acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8
b17c5b4b44f178de758b2708d85e677f5ee43ba2ba4b69c094873bb23c0ce88f
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3235f4616d8236095a95593d96608c62559664401ba70e9bda45a905b454c39
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb0205fbea18b821bee2cf065484e4f237f6c6f80aa70aba68ccb72f5eb5c4d
ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ced5776e7f2c4337bc405be205da8f8022b56d3689884b415530ec4b254e2dcf
d0637681fdc0e8a5efebb994dfb20709aeb7894554cbf31493f86a06721f15c3
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e20e0da8a685df520e1f353026a43062020285b5eb4989fc619fb47933df6787
e8d0d2fae9bd071921ab3ae63b38f40bc05eab5f55138cce5b6c3e8a9fb06366
ee1b3b50e58e125a0976100562d05d02e371b3b0ce8f3cddae3e51fdbba12920
f1863e242bf49a7d386930cf129a728433c28ac115fa27ccd0d93a10f4d18e27
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149