www.pekininsurance.com Open in urlscan Pro
18.217.98.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pekininsurance.com/billing
Submission: On April 27 via manual (April 27th 2023, 5:18:50 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 55 HTTP transactions. The main IP is 18.217.98.135, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.pekininsurance.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 10th 2023. Valid for: 7 months.

This is the only time www.pekininsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	18.217.98.135 18.217.98.135	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
8	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.10.42.55 52.10.42.55	16509 (AMAZON-02) (AMAZON-02)
55	8

36 18.217.98.135 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-98-135.us-east-2.compute.amazonaws.com

www.pekininsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.10.42.55 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-42-55.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	pekininsurance.com www.pekininsurance.com	2 MB
11	userway.org cdn.userway.org — Cisco Umbrella Rank: 6450 api.userway.org — Cisco Umbrella Rank: 6607	116 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	91 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	45 KB
0	doubleclick.net Failed stats.g.doubleclick.net Failed
55	7

	Domain	Requested by
36	www.pekininsurance.com	www.pekininsurance.com
8	cdn.userway.org	www.pekininsurance.com cdn.userway.org
3	api.userway.org	cdn.userway.org
3	connect.facebook.net	www.pekininsurance.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.facebook.com	www.pekininsurance.com
1	www.googletagmanager.com	www.pekininsurance.com
0	stats.g.doubleclick.net Failed	www.google-analytics.com
55	8

This site contains links to these domains. Also see Links.

Domain
mypireg.pekininsurance.us
portal.beyondtheexpected.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
goo.gl
www.bbb.org

Subject Issuer	Validity	Valid
www.pekininsurance.com Amazon RSA 2048 M02	`2023-02-10` - `2023-09-16`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-04` - `2023-05-05`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2023-02-09` - `2023-10-31`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.pekininsurance.com/billing
Frame ID: 726A401B1D25059E43C45C06B62F1B29
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billing

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1840 kB
Transfer

3034 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://mypireg.pekininsurance.us/Login/
Title: Policyholder Login

Search URL Search Domain Scan URL

URL: https://portal.beyondtheexpected.com/
Title: Agent Login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PekinInsurance

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pekin_insurance

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pekin-insurance

Search URL Search Domain Scan URL

URL: https://twitter.com/pekininsurance

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PekinInsurance

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/nFYNdJH5k8kRdTbw8
Title: 2505 Court Street Pekin, Illinois 61558-0001

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/il/pekin/profile/insurance-companies/pekin-insurance-0724-6000026/#sealclick

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request billing Show response
www.pekininsurance.com/ 76 KB
22 KB 792ms
201ms Document
text/html 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8cc0345db63d7b66746f92e6fd0bb7649e4ad724b1fef03262efaf2a06013031

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 20020
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
content-type: text/html; charset=utf-8
date: Thu, 27 Apr 2023 17:18:45 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 WebResource.axd Show response
www.pekininsurance.com/ 3 KB
4 KB 106ms
104ms Script
application/x-javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/WebResource.axd?d=DzHrpQl5URXarFHAtrmzFjWRewxtGybp5XLNUUvNzQ0gCEuHWXxM63fzCHpvWw8WjkabkZHnC1UQlyqp2N6E08xJd_EU6Sea278vpjICrqTklmf1n3t-BlT3c2D8P9RqVxR9krAJVnXf1K87Z5kA1rOqNlZ_LbkzMvG62UScn0tMxzTBb8Mypp1pJIri87oB0&t=637263371940000000

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ff99878833b36d14a259f3e68f6decd9a6fb2d1a10c7e3c9381c3f30dcddec35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1501
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 May 2020 08:19:54 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
expires: Sun, 07 Jan 2024 12:07:30 GMT

GET
H2 200 Roboto-Black.woff2
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/ 63 KB
66 KB 116ms
114ms Font
application/font-woff2 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/Roboto-Black.woff2

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8e9a7717ebdd6af1f1eb1344afd60322c38bac77db663f69da53191296a04224

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pekininsurance.com/billing
Origin: https://www.pekininsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 64888
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Regular.woff2
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/ 63 KB
65 KB 218ms
216ms Font
application/font-woff2 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/Roboto-Regular.woff2

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4b9f4b6894c43b1ad68c54790e1b7d0f3aa0947b3fff960452ea6d8e172b4683

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pekininsurance.com/billing
Origin: https://www.pekininsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 64692
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Medium.woff2
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/ 64 KB
66 KB 218ms
215ms Font
application/font-woff2 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/Roboto-Medium.woff2

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

64b4e73268acd7bfcbf4a3d6431e5f137a4c4deab6340b04e9d23e5324a2250b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pekininsurance.com/billing
Origin: https://www.pekininsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65264
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-LightItalic.woff2
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/ 69 KB
71 KB 217ms
215ms Font
application/font-woff2 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/fonts/Roboto-LightItalic.woff2

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2ff66b063e35e832b75feb12e9e7095b2555339849a1fabf29a5c302ae68415a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pekininsurance.com/billing
Origin: https://www.pekininsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 70464
x-xss-protection: 1; mode=block

GET
H2 200 main.css
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/css/ 298 KB
59 KB 216ms
214ms Stylesheet
text/css 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/css/main.css?v=5965615037438073378

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ddde4b561d9fa288166346ffcda890697e4b73fda7329800edbfd7bca6b94fc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: ASP.NET
content-length: 57706
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
etag: "03c11a86e5cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 vue-app-initialization.js Show response
www.pekininsurance.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/Shared/ 300 B
3 KB 218ms
217ms Script
application/javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/Shared/vue-app-initialization.js?package=Pekin&v=NTU4MDE3NDEz

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

91a9ae5b3c7ba4761a67aad86de77d318775fbae29709d32c32842e7fdb4f394

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 287
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 May 2020 08:19:56 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
expires: Thu, 04 May 2023 17:18:45 GMT

GET
H2 200 vue-app-initialization.js Show response
www.pekininsurance.com/Frontend-Assembly/PublicWebsite.Web.UI/Mvc/Scripts/Shared/ 300 B
3 KB 219ms
217ms Script
application/javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/Frontend-Assembly/PublicWebsite.Web.UI/Mvc/Scripts/Shared/vue-app-initialization.js?package=Pekin&v=NTU4MDE3NDEz

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

91a9ae5b3c7ba4761a67aad86de77d318775fbae29709d32c32842e7fdb4f394

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 287
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 May 2020 08:19:56 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
expires: Thu, 04 May 2023 17:18:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 50ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-13028347-2

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

188f12af1bc9f022237f6105d2b20f3eb990746dc3bbd4fc7456db4dec3ad0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45393
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 16:09:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Apr 2023 17:18:46 GMT

GET
H2 200 pekin-insurance-logo-whitef26d7e99-b463-443a-96f4-22c9b28d9dd7.svg
www.pekininsurance.com/images/default-source/default-album/ 13 KB
15 KB 120ms
117ms Image
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/pekin-insurance-logo-whitef26d7e99-b463-443a-96f4-22c9b28d9dd7.svg?sfvrsn=4f15b4f7_1

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

23b196e4342fb49e3864d308a119a6aeb9c00e6450e5557d51bfeaa6cbbb6ffb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=pekin-insurance-logo-whitef26d7e99-b463-443a-96f4-22c9b28d9dd7.svg
content-length: 13469
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 14:54:39 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 call-outline-1697b99ae-2f2b-4381-aa4f-c5562fc07c78.png
www.pekininsurance.com/images/default-source/backend-thumbnails/ 9 KB
11 KB 113ms
109ms Image
image/png 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/backend-thumbnails/call-outline-1697b99ae-2f2b-4381-aa4f-c5562fc07c78.png?sfvrsn=fdd62d51_1

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ba756e5df787803e6f0bbc2384b3de0693700e6d69424aa18d310c4f50315c9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=call-outline-1697b99ae-2f2b-4381-aa4f-c5562fc07c78.png
content-length: 8717
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Apr 2021 14:55:39 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 mail-outline-156d8591b-913d-4912-b286-4bdfbaf8fc9a.png
www.pekininsurance.com/images/default-source/backend-thumbnails/ 5 KB
7 KB 122ms
118ms Image
image/png 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/backend-thumbnails/mail-outline-156d8591b-913d-4912-b286-4bdfbaf8fc9a.png?sfvrsn=cbf1dba9_1

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7c2e91415a55ef552c38d193d202c98e3fb684725d24e823743f409a0eebb754

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=mail-outline-156d8591b-913d-4912-b286-4bdfbaf8fc9a.png
content-length: 5261
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Apr 2021 14:58:13 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 shield-checkmark-outline.svg
www.pekininsurance.com/images/default-source/default-album/ 592 B
3 KB 117ms
114ms Image
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/shield-checkmark-outline.svg?sfvrsn=69ac5367_0&MaxWidth=50&MaxHeight=50&ScaleUp=false&Quality=High&Method=ResizeFitToAreaArguments&Signature=5346E714A9FF64FC99F92C58F84509D5351E7125

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a86be898e8fdca8dc9f0147697a9e4a47ca68cbac9cda716f4226bc5bdf589dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=shield-checkmark-outline.svg
content-length: 592
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Aug 2021 18:04:25 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 leaf-outline.svg
www.pekininsurance.com/images/default-source/default-album/ 442 B
3 KB 118ms
115ms Image
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/leaf-outline.svg?sfvrsn=d370949_0&MaxWidth=50&MaxHeight=50&ScaleUp=false&Quality=High&Method=ResizeFitToAreaArguments&Signature=F0B21F7ABA8183771700C721768817E2F4003090

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ed2bd8b65aaf1b7b0ca7dbbf35f2fcd29de520dc5de81f3ec1bf1ddc5a39bf7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=leaf-outline.svg
content-length: 442
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Aug 2021 18:10:22 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 stopwatch-outline.svg
www.pekininsurance.com/images/default-source/default-album/ 692 B
3 KB 119ms
116ms Image
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/stopwatch-outline.svg?sfvrsn=9b90371c_0&MaxWidth=50&MaxHeight=50&ScaleUp=false&Quality=High&Method=ResizeFitToAreaArguments&Signature=617990F6576695897683F4AC3E8124966F2C906A

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6fbf0fcc1b8eade56bf53d35627fd95172eafb53ba40fe94a7abe028bce4ef67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=stopwatch-outline.svg
content-length: 692
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Aug 2021 18:11:10 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 thumbs-up-outline.svg
www.pekininsurance.com/images/default-source/default-album/ 1 KB
3 KB 205ms
203ms Image
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/thumbs-up-outline.svg?sfvrsn=f2fb4d1d_0&MaxWidth=50&MaxHeight=50&ScaleUp=false&Quality=High&Method=ResizeFitToAreaArguments&Signature=F6B2B3470842062C31EF334ECEC458A1CA91FC2B

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dcb50e07760162083063ff50d38703d99677aaa9bbae0d988c73bd24d3b71794

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=thumbs-up-outline.svg
content-length: 1062
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Aug 2021 18:11:42 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 pekininsurancewhite1d80e2f71-72b5-4e8d-be55-2fbc763f162e.png
www.pekininsurance.com/images/default-source/default-album/ 5 KB
7 KB 204ms
201ms Image
image/png 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/pekininsurancewhite1d80e2f71-72b5-4e8d-be55-2fbc763f162e.png?sfvrsn=accbe154_1

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

401608945384d3ebbe5b149bffe481de5cef3400c946563ada8ca6fac6a9e14a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=pekininsurancewhite1d80e2f71-72b5-4e8d-be55-2fbc763f162e.png
content-length: 4647
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 14:54:41 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 blue-seal-250-52-bbb-6000026.png
www.pekininsurance.com/images/default-source/default-album/ 4 KB
6 KB 202ms
200ms Image
image/png 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/default-album/blue-seal-250-52-bbb-6000026.png?sfvrsn=f834c93d_0

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

004f016ee74af68781c39b25042de70e04a0b77628d32306be93bcb80fa346e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=blue-seal-250-52-bbb-6000026.png
content-length: 3963
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Apr 2023 15:05:05 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 jquery.min.js Show response
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/js/ 88 KB
33 KB 106ms
106ms Script
application/javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/js/jquery.min.js?v=5965615037438073378

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: ASP.NET
content-length: 31113
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
etag: "03c11a86e5cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 vendor.bundle.js Show response
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/js/ 278 KB
95 KB 108ms
107ms Script
application/javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/js/vendor.bundle.js?v=5965615037438073378

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

520450f462e8eb70add477b8674a17eebe19bd5a140f7b60dbf3eb98d3f18fb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: ASP.NET
content-length: 95057
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
etag: "03c11a86e5cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 main.js Show response
www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/js/ 73 KB
21 KB 107ms
104ms Script
application/javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/ResourcePackages/Pekin/assets/dist/js/main.js?v=5965615037438073378

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6f5aa4cb840a8c9a471b8b335d11859de7251c9371ff985820e8c14f25c6618

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: ASP.NET
content-length: 19158
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
etag: "03c11a86e5cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 WebResource.axd Show response
www.pekininsurance.com/ 4 KB
4 KB 109ms
105ms Script
application/x-javascript 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/WebResource.axd?d=NjxTqR2bqTw1rewxxlkHPldqHV3_62QT9o3vcKj51Shp_5umobeJGsWnM_wo-PbbKhBE8SvvleXupMsd-wb49B0cXQXUywglwcZWqjUmjEdkle2_sY55dG7cHxYe2LvXKQ5jZscKSwNeYwKlKaxNivnHDDyzV0k_naf8ouUiLuU8W6C8ba7PH7s5zzPlW5nyuo5pp8InTO5j_6HJwkU5KrZt2cUobXLQbi5vvYw2jdc1&t=637263371960000000

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ba676b909787f5952aecc3d7b883761753a60cf4cd262b0b955a4de2120de8ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1644
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 May 2020 08:19:56 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
expires: Sat, 29 Jul 2023 00:48:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Apr 2023 17:18:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YCKDDYJ5rU8OC/LRaKM8v+uRIG7j8eb39zYbOymfmG1P3ufkkSIRaes9bDuxeJa5yhFpvHoIwKlNkiziz04ucQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 32px-menu-icon.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 244 B
2 KB 204ms
202ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/32px-menu-icon.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fae6f5e854acf64505fe0379d52282b82582c16416702e5888056dd55c5d66bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 244
x-xss-protection: 1; mode=block

GET
H2 200 32px-cancel-icon.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 358 B
3 KB 212ms
209ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/32px-cancel-icon.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

af61b1ca81df8f8636f75d17595774fe731e80da80b9e6abb49b5e7a520fbbf4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 358
x-xss-protection: 1; mode=block

GET
H2 200 24px-user-icon.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 322 B
3 KB 207ms
205ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/24px-user-icon.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bfe82e63a29716a328f497d9fde2c2f07e84b98732347810966fcb394cdbbad0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 322
x-xss-protection: 1; mode=block

GET
H2 200 24px-agent-icon.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 302 B
3 KB 210ms
208ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/24px-agent-icon.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e28b9e25dcd8f388b00a30c91ce05b69dae085185307b4287b03cebe678770ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 302
x-xss-protection: 1; mode=block

GET
H2 200 32px-search-icon.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 521 B
3 KB 205ms
203ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/32px-search-icon.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

38a1532540a07cdb02d2447871056ba5b0f7ee3fa4afdbef60908cccd07aac85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 521
x-xss-protection: 1; mode=block

GET
H2 200 16px-direction-arrow-right.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 312 B
3 KB 212ms
211ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/16px-direction-arrow-right.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8f0116ae33059b511c7567a8c4cb992161d2838bf248e7e6771114f3fbf21145

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 312
x-xss-protection: 1; mode=block

GET
H2 200 facebook-footer.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 652 B
3 KB 204ms
203ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/facebook-footer.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

683263fc6c4eff73aae8332e5fa5ce037cbd7e3c239aecd1eb05280af9b6e94c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 652
x-xss-protection: 1; mode=block

GET
H2 200 instagram-footer.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 1 KB
4 KB 211ms
210ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/instagram-footer.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a1a54a8ea2c351cda909b8cf6d6190387f2a0993bb0a2a4067cb658a5c68e1e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1358
x-xss-protection: 1; mode=block

GET
H2 200 linkedin-footer.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 561 B
3 KB 205ms
204ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/linkedin-footer.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

31558584698055d030760edd7be31a3f9121dc2c325dbd14f1b4ccff7d61c0ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 561
x-xss-protection: 1; mode=block

GET
H2 200 twitter-footer.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 701 B
3 KB 209ms
209ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/twitter-footer.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

58611909421e6aea66d0864ae04dc3f05aad0965442e2a5ca88f1ccf7ffa4f50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 701
x-xss-protection: 1; mode=block

GET
H2 200 youtube-footer.svg
www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/ 560 B
3 KB 205ms
205ms Other
image/svg+xml 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pekininsurance.com/resourcepackages/pekin/assets/dist/images/youtube-footer.svg

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b10add4a8913804e774a547db119bd9cba3ec10dc9ac18a41e28e54c7f0e3137

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 22 Mar 2023 03:30:32 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
etag: "03c11a86e5cd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 560
x-xss-protection: 1; mode=block

GET
H2 200 488292892596490 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/488292892596490?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cae705a4cdc9eb4a2aa55248979b88971d195e3d7245466e59a1c589694e10f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Apr 2023 17:18:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nSy9Ig7ET0F7QhpQDzpX8zOQPRDFODw61zQxhHhdkbtHQ5ptgJv96Gn3RF7+JUfWCuq2iaRuQlg+YFZ+/+vLmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-13028347-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 17:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 822
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 27 Apr 2023 19:05:04 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 65ms
10ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5e904ee18c43eb79993d479888be859f43c3cdb514668a3c22ff235f10662595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:46 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 122
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1651
x-accel-date: 1682614275
x-77-nzt: AZySIRloztf/cwYAAA
x-accel-expires: @1682617875
last-modified: Thu, 27 Apr 2023 16:48:00 GMT
server: CDN77-Turbo
etag: W/"24ad248e23a4473ff93475ad3232c4a8"
x-77-nzt-ray: cf878727e6145c2e76ae4a64929f5618
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: 0Sx_1zxwexYW7_I_vtEcITWy9b2uKGXBxjFCZvw5irsdY_qX3qd_7A==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 22ms
22ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1949310331&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pekininsurance.com%2Fbilling&ul=en-us&de=UTF-8&dt=Billing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1823334336&gjid=1281419945&cid=907217900.1682615926&tid=UA-13028347-2&_gid=2083244818.1682615926&_r=1&gtm=457e34q0&jsscut=1&z=1890816513

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pekininsurance.com/billing
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 17:18:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pekininsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Apr 2023 17:18:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +wSVN00wHugg3yODYjM5suGsqa7pImzaG7UMLzD/7+3EGTlwn/V0RMaSamwklanGPlKWIXIRxKZ+4to9jmFD9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST collect
stats.g.doubleclick.net/j/ 0
0

GET
H2 200 widget_app_base_1682613782162.js Show response
cdn.userway.org/widgetapp/2023-04-27/ 132 KB
39 KB 11ms
11ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88d09829ae3399b12dfdfaafcdda57f9e8555eec786a1efb8fea896a28005c0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:46 GMT
via: 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 41
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1723
x-accel-date: 1682614203
x-77-nzt: AZySIRkkaMH/uwYAAA
x-accel-expires: @1708534203
last-modified: Thu, 27 Apr 2023 16:47:55 GMT
server: CDN77-Turbo
etag: W/"1eb440d863f7cb766fb42b1418e15e07"
x-77-nzt-ray: cf878727e6145c2e76ae4a644f5ed019
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: IAqZ1oSbb68_eFc6Vvmjo7RATNJc-y9HSTkSG_eKJeEFlfVOdpG-Gg==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=488292892596490&ev=PageView&dl=https%3A%2F%2Fwww.pekininsurance.com%2Fbilling&rl=&if=false&ts=1682615926438&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682615926437.1246007524&it=1682615926209&coo=false&rqm=GET

Requested by

Host: www.pekininsurance.com
URL: https://www.pekininsurance.com/billing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Apr 2023 17:18:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 yAMMFQTUMq Show response
api.userway.org/api/tunings/ 1 KB
2 KB 861ms
187ms XHR
application/json 52.10.42.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/yAMMFQTUMq
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.10.42.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-42-55.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 8860176709cc583567bf202da73e4ff2aab350f7ac5a984e3b090c13e40f9ae6

Request headers

Referer: https://www.pekininsurance.com/billing
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 17:18:47 GMT
etag: W/"562-/5vop0U0Jvl6yEAx3G00ToxaoZs"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrfb9a506c5f9c420
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1378
x-service-version: uw-pr

GET
H2 200 vishing-attackf5a822ad-4ee0-4924-80cf-9c3cb6fc425b.tmb-list-m.jpg
www.pekininsurance.com/images/default-source/media/ 18 KB
20 KB 108ms
107ms Image
image/jpeg 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/media/vishing-attackf5a822ad-4ee0-4924-80cf-9c3cb6fc425b.tmb-list-m.jpg?Status=Master&sfvrsn=9cc4733e_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c9d5112a1afc8d6f37644a6958ef516822818ab6116b7ed50f4ae2aee1c246c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=Vishing-Attackf5a822ad-4ee0-4924-80cf-9c3cb6fc425b.jpg
content-length: 18076
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Feb 2021 22:15:09 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 masonry-blog-hero-imagee939850b-c424-4427-9290-a5d6981571bc.tmb-list-m.png
www.pekininsurance.com/images/default-source/media/ 425 KB
428 KB 108ms
108ms Image
image/png 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/media/masonry-blog-hero-imagee939850b-c424-4427-9290-a5d6981571bc.tmb-list-m.png?Status=Master&sfvrsn=77b2c1e8_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ccc0a2f95995039b1d9d72de42a1425b71bad77dbb8b14840b6763f76fc3d567

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=Masonry-Blog-Hero-Imagee939850b-c424-4427-9290-a5d6981571bc.png
content-length: 435148
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Feb 2023 18:58:44 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 contractors-e-of47a25ef-e769-4a3d-b7ca-5dce0cbce310.tmb-list-m.png
www.pekininsurance.com/images/default-source/media/ 517 KB
520 KB 310ms
309ms Image
image/png 18.217.98.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pekininsurance.com/images/default-source/media/contractors-e-of47a25ef-e769-4a3d-b7ca-5dce0cbce310.tmb-list-m.png?Status=Master&sfvrsn=b429b9ab_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.98.135 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-98-135.us-east-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5f54dd54fecc1e01ab087541a6712fcea44054264f40a654c616bb8ff0594402

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:18:46 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.googletagmanager.com *.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://*.userway.org; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com maxcdn.bootstrapcdn.com https://*.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://*.userway.org data:; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://*.userway.org *.twimg.com data: blob: *.eloqua.com track.hubspot.com; media-src 'self' https://*.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://*.userway.org/ https://www.google.com; connect-src 'self' *.googleapis.com accounts.google.com *.google-analytics.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=Contractors-E-Of47a25ef-e769-4a3d-b7ca-5dce0cbce310.png
content-length: 529471
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Feb 2022 20:01:37 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
expires: Fri, 26 Apr 2024 17:18:46 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-04-27/locales/ 468 B
903 B 85ms
36ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-27/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:47 GMT
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 93
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 9057
x-accel-date: 1682606870
x-77-nzt: AZySIRnp7lb/YSMAAA
x-accel-expires: @1708526870
last-modified: Thu, 27 Apr 2023 14:41:16 GMT
server: CDN77-Turbo
etag: W/"ae2d00e3f5dbecf4eb4c641c591a6154"
x-77-nzt-ray: cf878727c4fe5a4d77ae4a6465b19717
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: KCbVk9UFWQHRCMdF_xZFuSCmWetT3sQOf4sMdygBNyPBBPSfoHyjDA==

GET
H2 200 remediation_1682613782162.js Show response
cdn.userway.org/widgetapp/2023-04-27/remediation/ 156 KB
42 KB 21ms
20ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-27/remediation/remediation_1682613782162.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eaf11f5fdbebf0e769224dbc0f2d977c71d6c26e9ba72904e3e72f6cb96600e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:47 GMT
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 114
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1650
x-accel-date: 1682614277
x-77-nzt: AZySIRkLUZf/cgYAAA
x-accel-expires: @1708534277
last-modified: Thu, 27 Apr 2023 16:47:54 GMT
server: CDN77-Turbo
etag: W/"9f3dad598f49c13203145d9ada4211d1"
x-77-nzt-ray: cf878727e6145c2e77ae4a64ab4ff931
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: t0q327SVMn8cmBeGkF-quTfdTtG3GpgZsCFmUapENcdwb-bqyeuxTg==

GET
H2 200 4nRBYmBcpDP9OSth.json Show response
cdn.userway.org/remediations/consolidated/1546332/ 139 KB
21 KB 977ms
976ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1546332/4nRBYmBcpDP9OSth.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f7afd9611fcae2dae9e3eef0a961728edb98fcfa3c19c343bf59855b5a018b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:48 GMT
via: 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
x-77-nzt: AZySIRlPY5mh
last-modified: Thu, 27 Apr 2023 15:15:26 GMT
server: CDN77-Turbo
etag: W/"204f66d5519b845ff970391f33ce1987"
x-77-nzt-ray: cf878727c4fe5a4d77ae4a642c8c5f31
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: J8UptW2jmu2zrqgzC3t5p3yYlyzCCWIfHfCg41qQD_zWvzlCCbTKzg==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 11ms
10ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:47 GMT
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 75722
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 4160868
x-accel-date: 1678455059
x-77-nzt: AZySIRkQaLj/ZH0/AA
x-accel-expires: @1704375059
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: cf878727e6145c2e77ae4a64cc39b432
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: D1dSE0PbZPR7n6FRRhn9koxMDDg1fB2mD9zf84MheovpUfzUlaACFw==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 11ms
11ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:47 GMT
via: 1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 75722
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 4160868
x-accel-date: 1678455059
x-77-nzt: AZySIRlB1C3/ZH0/AA
x-accel-expires: @1704375059
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: cf878727e6145c2e77ae4a6447deb932
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: l-kpG29Kk8JBw-lRJ4-0-Kfk3RGYXAkAS220YareaqmT9_PoXr3qgQ==

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ 0
0 183ms
183ms Preflight 52.10.42.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.10.42.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-42-55.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pekininsurance.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Thu, 27 Apr 2023 17:18:48 GMT
x-service-version: apps-afedf709

GET
H2 200 nav_menu_helper1682613782162.js Show response
cdn.userway.org/widgetapp/2023-04-27/remediation/ 22 KB
6 KB 9ms
8ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-27/remediation/nav_menu_helper1682613782162.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pekininsurance.com/billing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Apr 2023 17:18:48 GMT
via: 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P2
age: 101
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1650
x-accel-date: 1682614278
x-77-nzt: AZySIRnqfE7/cgYAAA
x-accel-expires: @1708534278
last-modified: Thu, 27 Apr 2023 16:47:54 GMT
server: CDN77-Turbo
etag: W/"8ad50e8de84df6abb8cb9fc3765b5ba6"
x-77-nzt-ray: cf878727e6145c2e78ae4a64b4648d33
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: QrDi7hmW-URVFZ7kMF6GHkNZnnQAGcs0sDaxZSF0afWfHCmwCk0L_w==

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 128 B
468 B 187ms
187ms XHR
application/json 52.10.42.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-27/widget_app_base_1682613782162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.10.42.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-42-55.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: bf0b0fa9cd4bcd8d479ec3dad6696a33fae29a78ef03f7b2a9ef24cb339fcb5f

Request headers

Referer: https://www.pekininsurance.com/billing
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Apr 2023 17:18:49 GMT
etag: W/"80-ahsrC5d5KU6MrGNFmlJcdyy0DwQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 128
x-service-version: apps-afedf709

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-13028347-2&cid=907217900.1682615926&jid=1823334336&gjid=1281419945&_gid=2083244818.1682615926&_u=YEBAAUAAAAAAACAAI~&z=221931100

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pekininsurance.com/	1970-01-20 20:59:35	Name: _ga Value: GA1.2.907217900.1682615926
.pekininsurance.com/	1970-01-20 11:25:02	Name: _gid Value: GA1.2.2083244818.1682615926
.pekininsurance.com/	1970-01-20 11:23:35	Name: _gat_gtag_UA_13028347_2 Value: 1
.pekininsurance.com/	1970-01-20 13:33:11	Name: _fbp Value: fb.1.1682615926437.1246007524
www.pekininsurance.com/	1970-01-20 11:33:40	Name: AWSALB Value: ZygQNF+Kfdg51AF1nJ/X9Y1Eysm0DCP1lxxZB802hwSjMzvbIrsnobMeIVrugC0aTMOtUOKmCTf1epE645+WX+ebQ/oko9ZkdltaE8v63IqqsRT6QXF5eWcNa8vB
www.pekininsurance.com/	1970-01-20 11:33:40	Name: AWSALBCORS Value: ZygQNF+Kfdg51AF1nJ/X9Y1Eysm0DCP1lxxZB802hwSjMzvbIrsnobMeIVrugC0aTMOtUOKmCTf1epE645+WX+ebQ/oko9ZkdltaE8v63IqqsRT6QXF5eWcNa8vB

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.google-analytics.com/analytics.js(Line 35) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-13028347-2&cid=907217900.1682615926&jid=1823334336&gjid=1281419945&_gid=2083244818.1682615926&_u=YEBAAUAAAAAAACAAI~&z=221931100' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://*.userway.org localhost:3000 ws://localhost:3000".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .gstatic.com .googletagmanager.com .google.com .google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org https://unpkg.com/@google/ https://js.hs-banner.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.userway.org; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com maxcdn.bootstrapcdn.com https://.userway.org; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com https://.userway.org data:; img-src 'self' .gstatic.com .googleapis.com .google-analytics.com .googletagmanager.com https://stats.g.doubleclick.net platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com https://dec.azureedge.net https://.insight.sitefinity.com https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ https://.userway.org .twimg.com data: blob: .eloqua.com track.hubspot.com; media-src 'self' https://.userway.org data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com web.facebook.com badge.stumbleupon.com https://.userway.org/ https://www.google.com; connect-src 'self' .googleapis.com accounts.google.com .google-analytics.com https://.insight.sitefinity.com https://.dec.sitefinity.com https://api.hubapi.com https://forms.hubspot.com https://.userway.org localhost:3000 ws://localhost:3000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
connect.facebook.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.pekininsurance.com
stats.g.doubleclick.net
18.217.98.135
2a00:1450:4001:829::200e
2a00:1450:4001:830::2008
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
52.10.42.55
004f016ee74af68781c39b25042de70e04a0b77628d32306be93bcb80fa346e4
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
188f12af1bc9f022237f6105d2b20f3eb990746dc3bbd4fc7456db4dec3ad0f1
23b196e4342fb49e3864d308a119a6aeb9c00e6450e5557d51bfeaa6cbbb6ffb
2ff66b063e35e832b75feb12e9e7095b2555339849a1fabf29a5c302ae68415a
31558584698055d030760edd7be31a3f9121dc2c325dbd14f1b4ccff7d61c0ca
38a1532540a07cdb02d2447871056ba5b0f7ee3fa4afdbef60908cccd07aac85
401608945384d3ebbe5b149bffe481de5cef3400c946563ada8ca6fac6a9e14a
4b9f4b6894c43b1ad68c54790e1b7d0f3aa0947b3fff960452ea6d8e172b4683
4cae705a4cdc9eb4a2aa55248979b88971d195e3d7245466e59a1c589694e10f
520450f462e8eb70add477b8674a17eebe19bd5a140f7b60dbf3eb98d3f18fb1
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
58611909421e6aea66d0864ae04dc3f05aad0965442e2a5ca88f1ccf7ffa4f50
5e904ee18c43eb79993d479888be859f43c3cdb514668a3c22ff235f10662595
5f54dd54fecc1e01ab087541a6712fcea44054264f40a654c616bb8ff0594402
64b4e73268acd7bfcbf4a3d6431e5f137a4c4deab6340b04e9d23e5324a2250b
683263fc6c4eff73aae8332e5fa5ce037cbd7e3c239aecd1eb05280af9b6e94c
6fbf0fcc1b8eade56bf53d35627fd95172eafb53ba40fe94a7abe028bce4ef67
7c2e91415a55ef552c38d193d202c98e3fb684725d24e823743f409a0eebb754
8860176709cc583567bf202da73e4ff2aab350f7ac5a984e3b090c13e40f9ae6
88d09829ae3399b12dfdfaafcdda57f9e8555eec786a1efb8fea896a28005c0f
8cc0345db63d7b66746f92e6fd0bb7649e4ad724b1fef03262efaf2a06013031
8e9a7717ebdd6af1f1eb1344afd60322c38bac77db663f69da53191296a04224
8f0116ae33059b511c7567a8c4cb992161d2838bf248e7e6771114f3fbf21145
91a9ae5b3c7ba4761a67aad86de77d318775fbae29709d32c32842e7fdb4f394
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1a54a8ea2c351cda909b8cf6d6190387f2a0993bb0a2a4067cb658a5c68e1e8
a86be898e8fdca8dc9f0147697a9e4a47ca68cbac9cda716f4226bc5bdf589dc
af61b1ca81df8f8636f75d17595774fe731e80da80b9e6abb49b5e7a520fbbf4
b10add4a8913804e774a547db119bd9cba3ec10dc9ac18a41e28e54c7f0e3137
ba676b909787f5952aecc3d7b883761753a60cf4cd262b0b955a4de2120de8ae
ba756e5df787803e6f0bbc2384b3de0693700e6d69424aa18d310c4f50315c9c
bf0b0fa9cd4bcd8d479ec3dad6696a33fae29a78ef03f7b2a9ef24cb339fcb5f
bfe82e63a29716a328f497d9fde2c2f07e84b98732347810966fcb394cdbbad0
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c9d5112a1afc8d6f37644a6958ef516822818ab6116b7ed50f4ae2aee1c246c4
ccc0a2f95995039b1d9d72de42a1425b71bad77dbb8b14840b6763f76fc3d567
d6f5aa4cb840a8c9a471b8b335d11859de7251c9371ff985820e8c14f25c6618
dcb50e07760162083063ff50d38703d99677aaa9bbae0d988c73bd24d3b71794
ddde4b561d9fa288166346ffcda890697e4b73fda7329800edbfd7bca6b94fc7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e28b9e25dcd8f388b00a30c91ce05b69dae085185307b4287b03cebe678770ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaf11f5fdbebf0e769224dbc0f2d977c71d6c26e9ba72904e3e72f6cb96600e8
ed2bd8b65aaf1b7b0ca7dbbf35f2fcd29de520dc5de81f3ec1bf1ddc5a39bf7f
f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09
f7afd9611fcae2dae9e3eef0a961728edb98fcfa3c19c343bf59855b5a018b64
fae6f5e854acf64505fe0379d52282b82582c16416702e5888056dd55c5d66bf
fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46
ff99878833b36d14a259f3e68f6decd9a6fb2d1a10c7e3c9381c3f30dcddec35

www.pekininsurance.com Open in urlscan Pro 18.217.98.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

1840 kBTransfer

3034 kBSize

6 Cookies

9 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pekininsurance.com Open in urlscan Pro
18.217.98.135 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1840 kB
Transfer

3034 kB
Size

6
Cookies

55 HTTP transactions
0 data transactions