www.normandyins.com Open in urlscan Pro
18.102.16.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.normandyins.com/
Effective URL:
https://www.normandyins.com/
Submission: On October 17 via api (October 17th 2024, 5:41:10 pm UTC) from US — Scanned from IT

Summary HTTP 45 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 45 HTTP transactions. The main IP is 18.102.16.191, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.normandyins.com.
TLS certificate: Issued by R10 on August 16th 2024. Valid for: 3 months.

This is the only time www.normandyins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.102.16.191 18.102.16.191	16509 (AMAZON-02) (AMAZON-02)
14	104.18.161.117 104.18.161.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
2	54.163.86.186 54.163.86.186	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.253.207.75 23.253.207.75	19994 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
45	18

1 18.102.16.191 (Milan, Italy)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-102-16-191.eu-south-1.compute.amazonaws.com

www.normandyins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.161.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.163.86.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-86-186.compute-1.amazonaws.com

app.reviewgrower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rgwidgets.ravu.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.253.207.75 (United States)

ASN19994 (RACKSPACE, US)

niblewren.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 6168	1 MB
7	gstatic.com fonts.gstatic.com www.gstatic.com	206 KB
3	niblewren.co niblewren.co — Cisco Umbrella Rank: 487448	48 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	322 KB
2	google.it www.google.it — Cisco Umbrella Rank: 27958	652 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3740 cdn.acsbapp.com — Cisco Umbrella Rank: 3977	96 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	9 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 89	20 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	557 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	ravu.me rgwidgets.ravu.me
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	reviewgrower.com app.reviewgrower.com	5 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5983	8 KB
1	normandyins.com www.normandyins.com	9 KB
45	16

	Domain	Requested by
14	cdn.prod.website-files.com	www.normandyins.com cdn.prod.website-files.com
5	fonts.gstatic.com	fonts.googleapis.com
3	niblewren.co	www.normandyins.com niblewren.co
3	www.googletagmanager.com	www.normandyins.com www.googletagmanager.com www.google-analytics.com
2	www.google.it
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.googleadservices.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.acsbapp.com	acsbapp.com
1	acsbapp.com	www.normandyins.com
1	rgwidgets.ravu.me	app.reviewgrower.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.normandyins.com
1	app.reviewgrower.com	www.normandyins.com
1	widget.trustpilot.com	www.normandyins.com
1	ajax.googleapis.com	www.normandyins.com
1	www.normandyins.com
45	19

This site contains links to these domains. Also see Links.

Domain
accessibe.com
nhicph.jw-filehandler.com
quoting.normandyins.com
www.google.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
www.normandyins.com R10	`2024-08-16` - `2024-11-14`	3 months	crt.sh
prod.website-files.com WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
app.reviewgrower.com R10	`2024-09-13` - `2024-12-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
rgwidgets.ravu.me R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh
acsbapp.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
niblewren.co R10	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.it WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.normandyins.com/
Frame ID: 0530794F0CC6250F4FD07B64937E88C0
Requests: 43 HTTP requests in this frame

Frame: https://rgwidgets.ravu.me/widgets/render/72efa441-f354-4039-b088-61c6fbd91fdb
Frame ID: EB3F033EF368F0E56213AA34365C171C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Normandy Insurance Services

Page URL History Show full URLs

http://www.normandyins.com/ HTTP 307
https://www.normandyins.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

91 %
HTTPS

50 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

1788 kB
Transfer

3255 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://nhicph.jw-filehandler.com/wfNHICPortalLogin.aspx
Title:  Pay Bill

Search URL Search Domain Scan URL

URL: https://quoting.normandyins.com/PUMAA/#/
Title: Get a Quote

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=normandy+insurance&oq=normandy+insurance&aqs=chrome.0.0i355i512j46i175i199i512j0i512l3j69i60j69i61j69i60.3551j0j7&sourceid=chrome&ie=UTF-8#lrd=0x88d91d90cc40b491:0x9349aed57f27b0ea,1,,,,
Title:      Excellent 4.9 out of 5

Search URL Search Domain Scan URL

URL: https://www.facebook.com/normandyins/
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/normandyins
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/NormandyIns
Title: 𝕏

Search URL Search Domain Scan URL

URL: https://www.instagram.com/normandy_ins/?hl=en
Title: 

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.normandyins.com/ HTTP 307
https://www.normandyins.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.googleadservices.com/pagead/conversion/877642365/wcm?cc=ZZ&dn=8666886442&cl=azSwCLGZ5NYCEP2Ev6ID&dma=1&dma_cps=syphamo&npa=1&ct_eid=2 HTTP 302
https://www.google.it/pagead/attribution/wcm?cc=ZZ&dn=8666886442&cl=azSwCLGZ5NYCEP2Ev6ID&dma=1&dma_cps=syphamo

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.normandyins.com/
Redirect Chain

http://www.normandyins.com/
https://www.normandyins.com/

26 KB
9 KB

402ms
278ms

Document
text/html

18.102.16.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.normandyins.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.102.16.191 Milan, Italy, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-102-16-191.eu-south-1.compute.amazonaws.com

Software

Resource Hash

ba039e6b19cf26daf9af2a049c97724c358e13651ef83e3cfe882f70ad831d97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 7580
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8d4213c58ae90d57-MXP
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Thu, 17 Oct 2024 17:41:03 GMT
last-modified: Thu, 17 Oct 2024 15:34:43 GMT
strict-transport-security: max-age=31536000
surrogate-control: max-age=2147483647
surrogate-key: www.normandyins.com 6164f9e5cb704c6c3803670d pageId:618d6d3695a3d6b10514ccbd
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red
x-frame-options: SAMEORIGIN
x-lambda-id: af7b03a7-a3e1-499d-bbd1-059f617ee84c

Redirect headers

Location: https://www.normandyins.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 normandyins.webflow.2493d89cc.min.css
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/ 60 KB
14 KB 255ms
219ms Stylesheet
text/css 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77da52d3e1d4f68e657515487e256a4d1c79491bd969d459d0621d763d0d2ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "4de2edb1933d2fdc188fc19cbc429be1"
x-amz-version-id: VridKj_INzqOZu.1OKPANhctt0BCLjAu
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 17:43:47 GMT
vary: Accept-Encoding
x-amz-id-2: rP5qbRuNmJKi+9H6MXNd/AmQZlckRQD/CKtsCh7a2a0ikm5KGygb6vcjL8yG/8KHcdlQ8PCF0S8=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: DNSNAC8Y2ZDTNSBW
cf-ray: 8d4213c81b160e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13792
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 132ms
44ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.normandyins.com
URL: https://www.normandyins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: gzip
age: 21667
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 11:39:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 11:39:56 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5437
x-xss-protection: 0
server: sffe

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 23 KB
8 KB 164ms
52ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.normandyins.com
URL: https://www.normandyins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: gzip
etag: "7d4644d89e45fe92623bdd628e60e8dd"
age: 55831
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: MvJ34hd1FKFjGjhEjOJjv7CbfkFRs7XS6r0jNsQCE68M2nanQ47vsQ==
date: Thu, 17 Oct 2024 02:10:33 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security: max-age=31536000
cache-control: max-age=86400
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7350
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK embed.js Show response
app.reviewgrower.com/js/v1/ 13 KB
5 KB 493ms
211ms Script
text/html 54.163.86.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.reviewgrower.com/js/v1/embed.js?token=72efa441-f354-4039-b088-61c6fbd91fdb
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.163.86.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-86-186.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9103fedb2aa34e9b9731d27e3865ca41fe34581090521cf1f36d200a96a8350f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Access-Control-Allow-Origin: *
Content-Length: 4348
Keep-Alive: timeout=5, max=100
Date: Thu, 17 Oct 2024 17:41:03 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 130ms
42ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6164f9e5cb704c6c3803670d
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://www.normandyins.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 54676
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: xten4fLCEHhcwFJoS8UItp0iUyPdLD8v3dFuYt9ySnk1sFXpT2Aexg==
date: Thu, 17 Oct 2024 02:29:48 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
vary: Accept-Encoding
cache-control: max-age=84600, must-revalidate
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
server: AmazonS3

GET
H3 200 webflow.c82f7f461.js Show response
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/js/ 285 KB
70 KB 205ms
171ms Script
text/javascript 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/js/webflow.c82f7f461.js
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a0d96b74be04b8fba1d11fd5487d408e9d8bf42ed8bcb9c5168041986b7b4a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "9e2d65dc8cb140718d5c5a51712f3eab"
x-amz-version-id: hsGqALKIXoZ31BeYlHeARz3uOvPjg06j
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: text/javascript
last-modified: Tue, 10 Sep 2024 17:43:47 GMT
vary: Accept-Encoding
x-amz-id-2: rW/sxB0SrqOFzo/S9yg22zleN61LpQ9gZNogpHhZUPh2wxNtBFh64u6YFMT8cXS8M2aPLUxOVm0=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: DNSGVQ9EPEQGGAW7
cf-ray: 8d4213c81b150e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71110
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 89 KB
3 KB 161ms
59ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKalam:regular

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea3e2cec52e982a8c58f92e0238e7e17917a6e20c404affd1f7ff0fa1954b67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 17:41:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 17 Oct 2024 17:41:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 309 KB
108 KB 147ms
60ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQ5H29F

Requested by

Host: www.normandyins.com
URL: https://www.normandyins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b35199f810285e719c57491d5f90283d1e3358d0d45b162781f47c26e4969c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 17 Oct 2024 17:41:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 17:02:18 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109435
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 61cdfc38564555254efc0dc4_web-hero-image-2.jpg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 566 KB
566 KB 180ms
180ms Image
image/jpeg 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/61cdfc38564555254efc0dc4_web-hero-image-2.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529824ce33f91e2db6462f1e9a7529018d65a609c7762e64ad335fa3bb591440

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css

Response headers

cf-bgj: h2pri
etag: "11ab28aa5152327b83e26636a81f8301"
x-amz-version-id: 193F7M4xoFJ3XpXwzpujsH5cTvZD6v_I
cf-cache-status: HIT
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/jpeg
last-modified: Thu, 30 Dec 2021 18:36:41 GMT
vary: Accept-Encoding
x-amz-id-2: 02eKo6pl8p9Kdyco506xRmKHJJLXAaZsOW6Bt5jYMjExy9gogLcAXyvzFkcm7POT0XV7u5Fl+I4=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N1W91ZVT01NRGDR7
cf-ray: 8d4213c9bd3d0e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 579322
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 616e4669cce05ac1bb7fc2f2_fa-solid-900.woff
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 99 KB
100 KB 214ms
182ms Font
application/x-font-woff 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/616e4669cce05ac1bb7fc2f2_fa-solid-900.woff
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f6d3488cf65374f6f676c315340b0ac2be832bd55240c809448e36ef9b96326

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "d745348d289b149026921f197929a893"
x-amz-version-id: Fi6JrjX1wd_0uuYrDnPZLzhDYc5MKyyF
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: application/x-font-woff
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Oct 2021 04:15:38 GMT
x-amz-id-2: 5SCIOYR8JlX7vuTPWWc4DAw4eM1/TA91yllEAGVkfEWHvcikKQePDYHKv8nON47ZUPC1JZqU79A=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 93173DFGWRYYHKZF
cf-ray: 8d4213ca1ab84c6c-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101648
server: cloudflare
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 65dce3efd6e4a576a428f154_logo-services.svg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 7 KB
3 KB 237ms
235ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/65dce3efd6e4a576a428f154_logo-services.svg
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ea5ad4308209e265040ec34e05ca698a28a2ca530ea1b98469c248b00e34d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5f4fad67424b72872511c84afd662246"
x-amz-version-id: 9L1.bzZ06gwm_GepoX4IGh4GFDbLxcAS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Feb 2024 19:18:08 GMT
vary: Accept-Encoding
x-amz-id-2: 9OG8jvrTN621RgGqKp0OLNdcYb2OHDqGBctGMhi/ZDr5T1SxoQLKv5nzMoiZhLV0CcKwEFe1EYw=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: TJHJGHNYFE3PG9T0
cf-ray: 8d4213c9ed9b0e42-MXP
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61ce03cea0d65dd1db7cd21a_homepage%20icons-03.svg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 3 KB
2 KB 237ms
236ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/61ce03cea0d65dd1db7cd21a_homepage%20icons-03.svg
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb8ee666d57faa61f839513bd6490e5033abea73bdbaebe178d9408cd3d86b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7dda273bf93617d9d164e927eeb66ffc"
x-amz-version-id: IaA2tdXFUFohZjv5lKB.G8hzanro8lG7
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Dec 2021 19:09:03 GMT
vary: Accept-Encoding
x-amz-id-2: //X/jDIl4Q62VJqIj8F47qYrnq5aDqq8hxrgTd11x8QU7M7IrpKat+bMGZk+sO+mgHrz7zpi8GQ=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: TJHHHH5H2G1DPJX4
cf-ray: 8d4213c9ed9e0e42-MXP
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61ce03c3d0a0a5435ae83457_homepage%20icons-02.svg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 2 KB
1 KB 239ms
238ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/61ce03c3d0a0a5435ae83457_homepage%20icons-02.svg
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1351cb237fbb0085ed458cbfb79c819a88c119a4136a418566150f56a3209ed0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1141a1132855024bd7b0a1b0a452e8cc"
x-amz-version-id: BjdPYEQGqxo7dSSyQQjfOh4E1M6IU4cd
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Dec 2021 19:08:53 GMT
vary: Accept-Encoding
x-amz-id-2: NHWzFOacSbzjyxOLPu/xShmjPp2tncoALNsNS2sh9Z/sJrGOxd5SM7dL94e5vsGKnfY5nsFoh1cE6eEAthTNdJgA8xqfLwyp
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: TJHN3VJN1GXXMS5H
cf-ray: 8d4213c9eda10e42-MXP
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61ce03a5f9e0ca84cb88d4fb_homepage%20icons-01.svg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 2 KB
1 KB 237ms
236ms Image
image/svg+xml 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/61ce03a5f9e0ca84cb88d4fb_homepage%20icons-01.svg
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186da3c0c134617cf5492828d07ed65315baeff0dcec7642ea001d1572af0284

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7595bf697d82a12500c08336e439403c"
x-amz-version-id: VOHbXPyR7I74jQ8VqPL0nEPA_C2uJrhe
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Dec 2021 19:08:22 GMT
vary: Accept-Encoding
x-amz-id-2: 78tjTmDmSjtMB54QMwoq61/wRwvsSocwEBWd3O/gZwAxLAu4RCKoAdzWdXKTBOXHFPiBgFRwXQuTGBQdzFgseoq44fbjhV0BfWIMsTzqJwo=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: TJHPY85V6P73YG1A
cf-ray: 8d4213c9eda60e42-MXP
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64d1190d1be8a4f4da6b977d_google-reviews-1.png
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 7 KB
7 KB 238ms
237ms Image
image/png 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/64d1190d1be8a4f4da6b977d_google-reviews-1.png
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 054ca8901ce3abed28da97da82a4d9b46eddac5a00abef7fad1e536e40300bd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cf-cache-status: HIT
etag: "57fc4cbd157c8e2a9da25de1aedea281"
x-amz-version-id: yGhF3.yHfh_tylCvCvJk4.Unmc0mpxsU
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 16:17:18 GMT
vary: Accept-Encoding
x-amz-id-2: kXvzAf0dg3aLQJet5ihQfoGQQUT1+D61DxzKvtnbpFAnyWy+OvzUJdL59AkXnnxPMzeELoZRKKU=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N1W6AM154332BH1Q
cf-ray: 8d4213c9eda90e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6958
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 64b5771f72ee0134432dddfc_state-map-2023_light_blue_-p-800.png
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 68 KB
69 KB 238ms
237ms Image
image/png 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/64b5771f72ee0134432dddfc_state-map-2023_light_blue_-p-800.png
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6c86da0b868446a7c42e8b73849790be2eaed7e4c0ba86ac3a1e8eb5950c88a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cf-cache-status: HIT
etag: "dc0679dde8eb69be0d981a03767f5b81"
x-amz-version-id: FuTtAKIh0zYP1.5QXEL0pDVLoLEgDU_u
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/png
last-modified: Mon, 17 Jul 2023 17:15:15 GMT
vary: Accept-Encoding
x-amz-id-2: KqRiSb42Lw4kpfYRbvz7/r/XwM1/C+crxvJvLJwRxVZQOsNgoBwxUv4aiN6ExxqZ52HMsnSZozxICXritsYyZlsPDYleQO8X
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N1W4AG17YWENJSEK
cf-ray: 8d4213c9edab0e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70021
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6272ad59135e8eb7fbc30ae7_61e99da01e1662bd9cc6c1b2_shutterstock_2085697060_small.jpg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 48 KB
48 KB 242ms
241ms Image
image/jpeg 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/6272ad59135e8eb7fbc30ae7_61e99da01e1662bd9cc6c1b2_shutterstock_2085697060_small.jpg
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace76f81f2f8730b8e998c6c10182cf1af20fce988d4ade19172791db03f3657

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cf-bgj: h2pri
etag: "252c80be77af11ce0bd4284eeaefa028"
x-amz-version-id: I5GQRG.R.mUVBMfYVXHBnSkFL47nG1nn
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/jpeg
last-modified: Wed, 04 May 2022 16:44:10 GMT
vary: Accept-Encoding
x-amz-id-2: j2JvODpMJI5ld4lc3mtRs9MCf4f16mUZ9ysFbTMA00bBDWjgjkzLwXozOaxBTUyGCExkXVTX92yKgKtUk7G2yQcthz2ley+73G//pf8PRFA=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: N1WFAT96YJQX0PQJ
cf-ray: 8d4213c9edae0e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49160
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61e99e0f863d1177f5cd9df0_shutterstock_1762891241_cropped.jpg
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 59 KB
60 KB 253ms
252ms Image
image/jpeg 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/61e99e0f863d1177f5cd9df0_shutterstock_1762891241_cropped.jpg
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44f305f6a59eb6ed2345dfd111b8e1c65afd565668e63d8eb9930805ecffe11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cf-bgj: h2pri
etag: "d792ff5f532e3c22e0d11287c68d73e2"
x-amz-version-id: uiuM3lSVwyFSo5lWBPjA_dJ28JLHXkvw
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:03 GMT
content-type: image/jpeg
last-modified: Thu, 20 Jan 2022 17:38:24 GMT
vary: Accept-Encoding
x-amz-id-2: 7dv/l2Qeik04PUcMBLGD2uDYyaWCeaP2OMsBCd132FiHvtcZke0Uz2ElmR36K60p7Iyp69o4j7E=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: F8QM17JPYBCDM9H5
cf-ray: 8d4213c9edb10e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60778
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 110ms
60ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKalam:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://fonts.googleapis.com/

Response headers

age: 136897
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:39:26 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 88ms
39ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://fonts.googleapis.com/

Response headers

age: 136276
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:49:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:49:47 GMT
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50296
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 121ms
73ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://fonts.googleapis.com/

Response headers

age: 249046
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 20:30:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:30:17 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 100ms
52ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://fonts.googleapis.com/

Response headers

age: 136649
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:43:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:43:34 GMT
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34288
x-xss-protection: 0
server: sffe

GET
H3 200 YA9dr0Wd4kDdMthROCc.woff2
fonts.gstatic.com/s/kalam/v16/ 22 KB
22 KB 123ms
89ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kalam/v16/YA9dr0Wd4kDdMthROCc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://fonts.googleapis.com/

Response headers

age: 136888
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:39:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:39:35 GMT
last-modified: Tue, 26 Apr 2022 15:47:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22336
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK 72efa441-f354-4039-b088-61c6fbd91fdb
rgwidgets.ravu.me/widgets/render/ Frame EB3F 0
0 422ms
127ms Document
text/html 54.163.86.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rgwidgets.ravu.me/widgets/render/72efa441-f354-4039-b088-61c6fbd91fdb
Requested by: Host: app.reviewgrower.com
URL: https://app.reviewgrower.com/js/v1/embed.js?token=72efa441-f354-4039-b088-61c6fbd91fdb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.163.86.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-86-186.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.normandyins.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1740
Content-Type: text/html
Date: Thu, 17 Oct 2024 17:41:04 GMT
ETag: "1166-60e83846bba57-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 09 Jan 2024 13:44:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

GET
H3 200 616e4669eac71030a75b403a_fa-brands-400.woff
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 88 KB
89 KB 271ms
268ms Font
application/x-font-woff 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/616e4669eac71030a75b403a_fa-brands-400.woff
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9217f66874b0c01cd8c10b6a295dbc4f609acb6f5adc41c37da46641b57eb02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.normandyins.com
Referer: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/css/normandyins.webflow.2493d89cc.min.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "1a575a4138e5f366474f0e7c5bd614a5"
x-amz-version-id: lT4ETkgXEVpOEDYbVDHExxrtvnEc4Nwf
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:04 GMT
content-type: application/x-font-woff
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Oct 2021 04:15:38 GMT
x-amz-id-2: k3pXKk8ZWS8QQ5B07LzVWjR0s5jZP5SdvR+I3t7mbMDRHTq9P7Jg9snuVVwxDBix6rP96U2qPT9SxcDTcZF10lwQj6FcU7bFmRd/dclEuPc=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 9315D4EF4EAS8JZ9
cf-ray: 8d4213cb6c134c6c-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 89988
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 315 KB
96 KB 274ms
178ms Script
application/javascript 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095a419a7e9d826faf0efcb8176e529da5c9a2a56e3ff1295c5fd7efa6f448f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

x-goog-metageneration: 3
access-control-expose-headers: *
x-goog-hash: crc32c=1OfI5w==, md5=J0aPpAwiN3HEjj+iDpQeiQ==
cf-cache-status: REVALIDATED
etag: W/"27468fa40c223771c48e3fa20e941e89"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Fri, 17 Oct 2025 17:41:04 GMT
x-goog-stored-content-length: 322112
date: Thu, 17 Oct 2024 17:41:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 13:05:25 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2czIGJQ7Ji_M1KiKOTNP4jN-D7_Xm8SrGCyZ6AiZ_1q35EzWJyycAuKYauCVrW9t_61SY
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8d4213cc1bde9143-FRA
access-control-allow-origin: *
x-goog-generation: 1728911125876754
server: cloudflare

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/normandyins.com/ 164 B
694 B 275ms
185ms Fetch
application/json 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/normandyins.com/config.json?page=%2F
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b555dee49ac11093eb6ae6d537fb088e8ae87c872e3df80de397e9526eacd9a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=fg897w==, md5=fCmg7sG8lD81THEY/p3N1w==
cf-cache-status: MISS
etag: W/"7c29a0eec1bc943f354c7118fe9dcdd7"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Fri, 17 Oct 2025 17:41:04 GMT
x-goog-stored-content-length: 164
date: Thu, 17 Oct 2024 17:41:04 GMT
content-type: application/json
last-modified: Wed, 08 Feb 2023 14:02:58 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0AiarqgbY6X1AUci7NqmrTqs8tNx_nPQTM_zdtOIbWQyuleotN1z7vFRS-XfWog7Rs-T4
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8d4213d06f829f2d-FRA
access-control-allow-origin: *
x-goog-generation: 1675864978143028
server: cloudflare

GET
H/1.1 200
OK 6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd Show response
niblewren.co/anywhere/ 3 KB
3 KB 617ms
183ms Script
text/javascript 23.253.207.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd?t=Normandy%20Insurance%20Services&u=https%3A%2F%2Fwww.normandyins.com%2F&r=
Requested by: Host: www.normandyins.com
URL: https://www.normandyins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.253.207.75 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: d6f25bf236f0a6844bc7c5453ded4286ee76618e3bf868e81da6d43fa95a75b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

Cache-Control: private,max-age=0
X-Timing: lt=0,fs=35,tfc=36,fpcd=37
Connection: close
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 3009
P3P: CP="Intentionally invalid"
Date: Thu, 17 Oct 2024 17:41:06 GMT
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
106 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFTSFC89B5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ5H29F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd882f4d85db28f395cbf915ebe5941b1e8767521f67856025d09273b3d3dae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 17:41:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108610
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
35ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ5H29F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: gzip
age: 890
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 19:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
2 KB 74ms
32ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ5H29F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
age: 1771
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 18:11:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:11:34 GMT
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 2133
x-xss-protection: 0
server: sffe

GET
H3 200 61ba1773363c2aa7eed7bc80_normandy-website.png
cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/ 389 B
789 B 158ms
158ms Other
image/png 104.18.161.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6164f9e5cb704c6c3803670d/61ba1773363c2aa7eed7bc80_normandy-website.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f86e32ea1f578d440c5e9c53589a96948bf0cebf41d9f14bf622789f1c020a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cf-cache-status: HIT
etag: "a2aef60a9d34528399220061fb145b17"
x-amz-version-id: nx0M8gKTQYm7Kc8_z9kyYAtHH7b7CieI
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 17:41:05 GMT
content-type: image/png
last-modified: Wed, 15 Dec 2021 16:27:32 GMT
vary: Accept-Encoding
x-amz-id-2: gnzxYMcgvfCS4d2L73f3mWmygCLMBvrlQvZtVMbFJDwgL/DjIT6icCaWxhmh9ae/xeITerHgKzFvUgC010QECg==
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 2WWDEHW1HRQP1J58
cf-ray: 8d4213d60f170e42-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 389
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
20 KB 41ms
40ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
age: 158146
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 21:45:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 21:45:19 GMT
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges: bytes
content-length: 20777
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 112ms
42ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EFTSFC89B5&gtm=45je4ag0v883991290z8844764593za200zb844764593&_p=1729186863613&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&cid=712357042.1729186866&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729186865&sct=1&seg=0&dl=https%3A%2F%2Fwww.normandyins.com%2F&dt=Normandy%20Insurance%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2892
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFTSFC89B5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.normandyins.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:05 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 135ms
43ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EFTSFC89B5&cid=712357042.1729186866&gtm=45je4ag0v883991290z8844764593za200zb844764593&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFTSFC89B5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.normandyins.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:05 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 154ms
71ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EFTSFC89B5&cid=712357042.1729186866&gtm=45je4ag0v883991290z8844764593za200zb844764593&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685&tag_exp=101533422~101686685&z=1420576498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 17:41:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

wcm Show response
www.google.it/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/877642365/wcm?cc=ZZ&dn=8666886442&cl=azSwCLGZ5NYCEP2Ev6ID&dma=1&dma_cps=syphamo&npa=1&ct_eid=2
https://www.google.it/pagead/attribution/wcm?cc=ZZ&dn=8666886442&cl=azSwCLGZ5NYCEP2Ev6ID&dma=1&dma_cps=syphamo

80 B
244 B

46ms
44ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.it/pagead/attribution/wcm?cc=ZZ&dn=8666886442&cl=azSwCLGZ5NYCEP2Ev6ID&dma=1&dma_cps=syphamo

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

cache-control: private
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 87
date: Thu, 17 Oct 2024 17:41:05 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

Redirect headers

location: https://www.google.it/pagead/attribution/wcm?cc=ZZ&dn=8666886442&cl=azSwCLGZ5NYCEP2Ev6ID&dma=1&dma_cps=syphamo
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.normandyins.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 17 Oct 2024 17:41:05 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
437 B 40ms
39ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=984139356&t=pageview&_s=1&dl=https%3A%2F%2Fwww.normandyins.com%2F&ul=it-it&de=UTF-8&dt=Normandy%20Insurance%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1337329410&gjid=168577534&cid=712357042.1729186866&tid=UA-64452852-3&_gid=2053425688.1729186866&_r=1&_slc=1&gtm=45He4ag0n81WQ5H29Fv844764593za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823847&npa=1&z=553927858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c0ce585edb1d779f2ab33a75aa7e490b69c7aaba6bcbade1d5dfb66389969050

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.normandyins.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.normandyins.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
108 KB 64ms
63ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFTSFC89B5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b2c53225ac7b5c9984558293ed68afe7d6ecc3608a65624cacb40261f1020a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 17:41:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 17:41:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110459
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK core.js Show response
niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/ 132 KB
44 KB 1229ms
287ms Script
text/javascript 23.253.207.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/core.js
Requested by: Host: niblewren.co
URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd?t=Normandy%20Insurance%20Services&u=https%3A%2F%2Fwww.normandyins.com%2F&r=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.253.207.75 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 228c4f21a9fe0418517e128ae40f56f92a3a51ed92a80d6b348a59119c2738ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.normandyins.com/

Response headers

Cache-Control: public,no-transform,max-age=604800,s-maxage=604800
Content-Encoding: gzip
X-Timing: lt=0,lso-n=0,fs=1
ETag: e2b773327d56fe9d156150a03fa89df1
Connection: close
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
Expires: Thu, 24 Oct 2024 17:41:07 GMT
Access-Control-Allow-Origin: *
Content-Length: 44702
Date: Thu, 17 Oct 2024 17:41:07 GMT
Content-Type: text/javascript

PUT 67114c323572a071268264c6
niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/ 0
0

OPTIONS
H/1.1 200
OK 67114c323572a071268264c6
niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/ Frame 0
0 584ms
143ms Preflight 23.253.207.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/67114c323572a071268264c6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.253.207.75 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://www.normandyins.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Null, Accept, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
Access-Control-Allow-Origin: *
Allow: GET, POST, PUT, OPTIONS
Connection: close
Date: Thu, 17 Oct 2024 17:41:08 GMT
Transfer-Encoding: chunked

PUT 67114c323572a071268264c6
niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/ 0
0

OPTIONS 67114c323572a071268264c6
niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: niblewren.co
URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/67114c323572a071268264c6

Domain: niblewren.co
URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/67114c323572a071268264c6

Domain: niblewren.co
URL: https://niblewren.co/anywhere/6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd/67114c323572a071268264c6

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
niblewren.co/anywhere	1970-01-21 09:05:22	Name: 6757d4501bbe44929030b322d85bf39c89d988859aa546b894cd38283923cbfd Value: 67114c323572a071268264c6
.prod.website-files.com/	1970-01-21 00:19:48	Name: __cf_bm Value: bWDhGlPuCh4eF8WNaGqTekiqvR3VgM5tcg5ED.PZawk-1729186863-1.0.1.1-4gNl.APMuPCUkddvKG8q6A1njbhtGQOBGpIuZ0zmHfKxeOSVZiwJdLQ.oZuSW8AktFH5BxiSIVrThCXH6YgZTg
.normandyins.com/	1970-01-21 02:29:22	Name: _gcl_au Value: 1.1.303796394.1729186866
.normandyins.com/	1970-01-21 09:55:46	Name: _ga_EFTSFC89B5 Value: GS1.1.1729186865.1.0.1729186865.60.0.0
.normandyins.com/	1970-01-21 09:55:46	Name: _ga Value: GA1.2.712357042.1729186866
.normandyins.com/	1970-01-21 00:21:13	Name: _gid Value: GA1.2.2053425688.1729186866
.normandyins.com/	1970-01-21 00:19:46	Name: _gat_UA-64452852-3 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
ajax.googleapis.com
app.reviewgrower.com
cdn.acsbapp.com
cdn.prod.website-files.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
niblewren.co
region1.analytics.google.com
rgwidgets.ravu.me
stats.g.doubleclick.net
widget.trustpilot.com
www.google-analytics.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.normandyins.com
niblewren.co
104.18.161.117
142.250.184.227
142.250.184.232
172.217.16.130
18.102.16.191
2001:4860:4802:34::36
23.253.207.75
2606:4700:10::6816:cc
2606:4700:10::ac43:b9b
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9a
52.222.232.39
52.222.236.71
54.163.86.186
054ca8901ce3abed28da97da82a4d9b46eddac5a00abef7fad1e536e40300bd2
06ea5ad4308209e265040ec34e05ca698a28a2ca530ea1b98469c248b00e34d3
095a419a7e9d826faf0efcb8176e529da5c9a2a56e3ff1295c5fd7efa6f448f0
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1351cb237fbb0085ed458cbfb79c819a88c119a4136a418566150f56a3209ed0
186da3c0c134617cf5492828d07ed65315baeff0dcec7642ea001d1572af0284
228c4f21a9fe0418517e128ae40f56f92a3a51ed92a80d6b348a59119c2738ea
3b35199f810285e719c57491d5f90283d1e3358d0d45b162781f47c26e4969c2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f6d3488cf65374f6f676c315340b0ac2be832bd55240c809448e36ef9b96326
529824ce33f91e2db6462f1e9a7529018d65a609c7762e64ad335fa3bb591440
5a0d96b74be04b8fba1d11fd5487d408e9d8bf42ed8bcb9c5168041986b7b4a7
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
9103fedb2aa34e9b9731d27e3865ca41fe34581090521cf1f36d200a96a8350f
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
abb8ee666d57faa61f839513bd6490e5033abea73bdbaebe178d9408cd3d86b5
ace76f81f2f8730b8e998c6c10182cf1af20fce988d4ade19172791db03f3657
b2c53225ac7b5c9984558293ed68afe7d6ecc3608a65624cacb40261f1020a29
b555dee49ac11093eb6ae6d537fb088e8ae87c872e3df80de397e9526eacd9a6
ba039e6b19cf26daf9af2a049c97724c358e13651ef83e3cfe882f70ad831d97
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd882f4d85db28f395cbf915ebe5941b1e8767521f67856025d09273b3d3dae9
c0ce585edb1d779f2ab33a75aa7e490b69c7aaba6bcbade1d5dfb66389969050
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
d6f25bf236f0a6844bc7c5453ded4286ee76618e3bf868e81da6d43fa95a75b9
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44f305f6a59eb6ed2345dfd111b8e1c65afd565668e63d8eb9930805ecffe11
e6c86da0b868446a7c42e8b73849790be2eaed7e4c0ba86ac3a1e8eb5950c88a
ea3e2cec52e982a8c58f92e0238e7e17917a6e20c404affd1f7ff0fa1954b67d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f77da52d3e1d4f68e657515487e256a4d1c79491bd969d459d0621d763d0d2ec
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7f86e32ea1f578d440c5e9c53589a96948bf0cebf41d9f14bf622789f1c020a
f9217f66874b0c01cd8c10b6a295dbc4f609acb6f5adc41c37da46641b57eb02

www.normandyins.com Open in urlscan Pro 18.102.16.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

91 %HTTPS

50 %IPv6

16 Domains

19 Subdomains

18 IPs

5 Countries

1788 kBTransfer

3255 kBSize

7 Cookies

8 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.normandyins.com Open in urlscan Pro
18.102.16.191 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

91 %
HTTPS

50 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

1788 kB
Transfer

3255 kB
Size

7
Cookies

45 HTTP transactions
1 data transactions