neptunemutual.com Open in urlscan Pro
3.160.212.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://neptunemutual.com/
Submission: On December 14 via automatic, source certstream-suspicious (December 14th 2023, 8:07:12 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 3.160.212.77, located in United States and belongs to AMAZON-02, US. The main domain is neptunemutual.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 14th 2023. Valid for: a year.

This is the only time neptunemutual.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	3.160.212.77 3.160.212.77		16509 (AMAZON-02) (AMAZON-02)
8	1

8 3.160.212.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-77.mxp53.r.cloudfront.net

neptunemutual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	neptunemutual.com neptunemutual.com	314 KB
8	1

	Domain	Requested by
8	neptunemutual.com	neptunemutual.com
8	1

This site contains links to these domains. Also see Links.

Domain
nft.neptunemutual.com
www.youtube.com
arbitrum.neptunemutual.net
www.npmjs.com
community.neptunemutual.com
explorer.neptunemutual.net
twitter.com
www.reddit.com
t.me
github.com
www.linkedin.com
discord.com

Subject Issuer	Validity	Valid
*.neptunemutual.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://neptunemutual.com/
Frame ID: FECBC2891ED42CB696E6ED73B530C523
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Decentralized Insurance Protocol / Neptune Mutual

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

314 kB
Transfer

588 kB
Size

0
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://nft.neptunemutual.com/?theme=light
Title: NFT Portal Participate in our cover pools and mint NFTs for free.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/neptune-mutual
Title: All Video Tutorials

Search URL Search Domain Scan URL

URL: https://arbitrum.neptunemutual.net/
Title: Launch App on Arbitrum

Search URL Search Domain Scan URL

URL: https://www.npmjs.com/package/@neptunemutual/sdk
Title: Get the Neptune Mutual SDK

Search URL Search Domain Scan URL

URL: https://community.neptunemutual.com/
Title: Community Forums

Search URL Search Domain Scan URL

URL: https://explorer.neptunemutual.net/?theme=light
Title: Explorer

Search URL Search Domain Scan URL

URL: https://twitter.com/neptunemutual
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/NeptuneMutual/
Title: reddit

Search URL Search Domain Scan URL

URL: https://t.me/neptunemutual
Title: telegram

Search URL Search Domain Scan URL

URL: https://github.com/neptune-mutual-blue
Title: github

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/neptune-mutual
Title: linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/NeptuneMutual
Title: youtube

Search URL Search Domain Scan URL

URL: https://discord.com/invite/2qMGTtJtnW
Title: discord

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
neptunemutual.com/ 390 KB
111 KB 442ms
278ms Document
text/html 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

defd42e96e79575a1f706e44fc37eea8b06624b2502c6203ec05356962bb6b82

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 600
cache-control: s-maxage=3600
content-encoding: gzip
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
content-type: text/html
date: Thu, 14 Dec 2023 20:07:08 GMT
etag: W/"31138b3e809e5c43f01c8c250d448a80"
expect-ct: enforce, max-age=31536000
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
last-modified: Tue, 12 Dec 2023 15:08:11 GMT
permissions-policy: fullscreen=(), geolocation=()
referrer-policy: strict-origin
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-amz-cf-id: J9cPm9I41aRv_Q9osYsP7sR2agNiD4AgZUTrwEYMYwF9Sv54xk3tHg==
x-amz-cf-pop: MXP53-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 hoisted.174ed90d.js Show response
neptunemutual.com/_astro/ 1 KB
2 KB 221ms
221ms Script
application/javascript 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://neptunemutual.com/_astro/hoisted.174ed90d.js

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aee2b230733f5b1c216d246406b0154ca6e41aaabe73b71bd64d7bd37b1f19db

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://neptunemutual.com/
Origin: https://neptunemutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 20:07:09 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:07:44 GMT
server: AmazonS3
etag: W/"f4867ceef8d0fccaa409ce44ca2d95c2"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/javascript
access-control-max-age: 600
cache-control: public, max-age=0, s-maxage=600
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
access-control-allow-headers: *
vary: Accept-Encoding
x-amz-cf-id: hs6lQXQSb4hr5Xy1O3VhZZpD60yIpzwy1XgdQiKlgociP5dRjo2SCg==

GET
H2 200 home-cover.webp
neptunemutual.com/assets/images/hero/ 52 KB
54 KB 294ms
294ms Image
image/webp 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neptunemutual.com/assets/images/hero/home-cover.webp

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab23f6fc7cd0d5b7c515ccb30dbda2769cdc9b60c645594152c575ab486d974c

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://neptunemutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 20:07:09 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MXP53-P3
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
content-length: 53658
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:07:44 GMT
server: AmazonS3
etag: "35c439750056177810c0a81b99321145"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: image/webp
access-control-max-age: 600
cache-control: public, max-age=0, s-maxage=600
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: MXTQBtFYStZrWwi0mICkomCtJw-dcd9MzsBvesCG1_fwMQvAHuICcw==

GET
H2 200 what-are-the-main-security-issues-in-defi.webp
neptunemutual.com/cdn/ 41 KB
42 KB 67ms
66ms Image
image/webp 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neptunemutual.com/cdn/what-are-the-main-security-issues-in-defi.webp

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

26d5b44e6022e91faed86dad529808c9429e9d234f692d1c6a91458b50d4e02a

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://neptunemutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:03:36 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MXP53-P3
age: 36213
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 41680
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:08:09 GMT
server: AmazonS3
etag: "d69bdefa219923c2dce915ae720abf6a"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: image/webp
access-control-max-age: 600
cache-control: s-maxage=86400
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aXZgshdtfUNp0wXuH9fOdZzA1AiggJ3_xMaRvfeLqecznfAxxWB1-A==

GET
H2 200 What-is-sportsfi-sports-meets-blockchain.webp
neptunemutual.com/cdn/ 33 KB
35 KB 74ms
73ms Image
image/webp 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neptunemutual.com/cdn/What-is-sportsfi-sports-meets-blockchain.webp

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0192de7e067e895aff135bd12a80726c47b3b54e01b56d7bdd6195ad3483e4b2

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://neptunemutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:03:36 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MXP53-P3
age: 36213
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 34024
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:08:09 GMT
server: AmazonS3
etag: "d18cf72a801934a324fddd76cd28f5ef"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: image/webp
access-control-max-age: 600
cache-control: s-maxage=86400
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9oRK_7k-50Voj6cpFo-QM3uSoLIhO9qGPsPp6CYVJBDpUNPtyZEMfw==

GET
H2 200 understanding-the-time-token-exploit.webp
neptunemutual.com/cdn/ 62 KB
64 KB 54ms
54ms Image
image/webp 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neptunemutual.com/cdn/understanding-the-time-token-exploit.webp

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1eae6e1fd44f2b02c6fb924a0d3639ab3f34ab03f6e8f60f21300ff623a4af3c

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://neptunemutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:11:47 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MXP53-P3
age: 17722
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Hit from cloudfront
content-length: 63442
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:08:08 GMT
server: AmazonS3
etag: "17ce085fe1398e5a6200dc74cb8470e4"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: image/webp
access-control-max-age: 600
cache-control: s-maxage=86400
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: drQDUTGOJsW75KqSWouoTuCoODX79BvRwQCUjV6djC-Jq7k1KYYg_w==

GET
H2 200 hoisted.12c90c00.js Show response
neptunemutual.com/_astro/ 5 KB
3 KB 256ms
256ms Script
application/javascript 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://neptunemutual.com/_astro/hoisted.12c90c00.js

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

62aa8b40433c56365f3305b02668208b12406fd9576ab56c25e92931dedd3c86

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://neptunemutual.com/
Origin: https://neptunemutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 20:07:09 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:07:44 GMT
server: AmazonS3
etag: W/"7b5e24fb3b3f50e6c563fd57e5bfd22d"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/javascript
access-control-max-age: 600
cache-control: public, max-age=0, s-maxage=600
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
access-control-allow-headers: *
vary: Accept-Encoding
x-amz-cf-id: DQaVk_fv_BKWH1rMKFJjmL2StljBwxvacHEZ1nrdMi4k2RmQaCJQZw==

GET
H2 200 slider.4f2154c0.js Show response
neptunemutual.com/_astro/ 3 KB
2 KB 219ms
219ms Script
application/javascript 3.160.212.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://neptunemutual.com/_astro/slider.4f2154c0.js

Requested by

Host: neptunemutual.com
URL: https://neptunemutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-77.mxp53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

45ec95807b2ee1b810d036eff85953e1b76f53a93d12ac0930c6848bab4a1197

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://neptunemutual.com/
Origin: https://neptunemutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 20:07:09 GMT
content-security-policy: worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://*.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://*.neptunemutual.net https://*.clarity.ms https://*.bing.com; font-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 e9df9208e47c27cd0269b8a16fc74b96.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 12 Dec 2023 15:07:44 GMT
server: AmazonS3
etag: W/"ef7146d38e75f922525f41ce4f4e66a9"
expect-ct: enforce, max-age=31536000
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/javascript
access-control-max-age: 600
cache-control: public, max-age=0, s-maxage=600
feature-policy: microphone 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'
permissions-policy: fullscreen=(), geolocation=()
access-control-allow-credentials: false
access-control-allow-headers: *
vary: Accept-Encoding
x-amz-cf-id: b5n_XPoFqDkg03_rHPObU6gA7PG3j22FI6wFa9M8BEZm9GUjAdr5yg==

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: fullscreen, geolocation. Values defined in Permissions-Policy header will be used.
security	error	URL: https://neptunemutual.com/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	worker-src 'none'; script-src 'self' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' 'unsafe-inline' 'nonce-j+h4QPo2G1leKJxLFUVrGw==' 'nonce-rB42p7Q3aSWYNZnxB12Ztw==' https://www.googletagmanager.com/ https://www.clarity.ms/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://platform.twitter.com/ https://gist.github.com/; connect-src 'self' https://api.neptunemutual.net https://cms.neptunemutual.net https://.clarity.ms https://www.google-analytics.com https://youtube.com/; style-src 'self' 'unsafe-inline' https://github.githubassets.com/; upgrade-insecure-requests; frame-src 'self' https://docs.google.com https://platform.twitter.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; default-src 'none'; prefetch-src 'self'; manifest-src 'self'; base-uri 'none'; form-action 'none'; object-src 'self'; img-src 'self' data: https://.neptunemutual.net https://.clarity.ms https://.bing.com; font-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

neptunemutual.com
3.160.212.77
0192de7e067e895aff135bd12a80726c47b3b54e01b56d7bdd6195ad3483e4b2
1eae6e1fd44f2b02c6fb924a0d3639ab3f34ab03f6e8f60f21300ff623a4af3c
26d5b44e6022e91faed86dad529808c9429e9d234f692d1c6a91458b50d4e02a
45ec95807b2ee1b810d036eff85953e1b76f53a93d12ac0930c6848bab4a1197
62aa8b40433c56365f3305b02668208b12406fd9576ab56c25e92931dedd3c86
ab23f6fc7cd0d5b7c515ccb30dbda2769cdc9b60c645594152c575ab486d974c
aee2b230733f5b1c216d246406b0154ca6e41aaabe73b71bd64d7bd37b1f19db
defd42e96e79575a1f706e44fc37eea8b06624b2502c6203ec05356962bb6b82

neptunemutual.com Open in urlscan Pro 3.160.212.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

314 kBTransfer

588 kBSize

0 Cookies

13 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

4 Console Messages

Security Headers

Indicators

neptunemutual.com Open in urlscan Pro
3.160.212.77 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

314 kB
Transfer

588 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions