www.investmentcover.com Open in urlscan Pro
13.127.116.214 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=...
Submission: On October 25 via manual (October 25th 2023, 12:05:14 pm UTC) from NL — Scanned from NL

Summary HTTP 78 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 18 domains to perform 78 HTTP transactions. The main IP is 13.127.116.214, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is www.investmentcover.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 29th 2023. Valid for: a year.

This is the only time www.investmentcover.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	13.127.116.214 13.127.116.214	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700:20:... 2606:4700:20::ac43:4ada	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	52.71.73.22 52.71.73.22	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2406:da1a:778... 2406:da1a:778:e600:4115:1bd5:6229:c66c	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
7	2600:9000:211... 2600:9000:211e:e00:e:7dd8:8180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	3.78.238.50 3.78.238.50	16509 (AMAZON-02) (AMAZON-02)
78	24

15 13.127.116.214 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com

www.investmentcover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4ada (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.frase.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.73.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-73-22.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da1a:778:e600:4115:1bd5:6229:c66c (Mumbai, India)

ASN16509 (AMAZON-02, US)

conversionapi.investmentcover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211e:e00:e:7dd8:8180:93a1 (United States)

ASN16509 (AMAZON-02, US)

dns.frase.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.78.238.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-238-50.eu-central-1.compute.amazonaws.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	investmentcover.com www.investmentcover.com conversionapi.investmentcover.com	287 KB
15	frase.io 1 redirects app.frase.io — Cisco Umbrella Rank: 81755 dns.frase.io — Cisco Umbrella Rank: 99246	86 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	320 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	36 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	395 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714	876 B
3	google.nl www.google.nl — Cisco Umbrella Rank: 8860	669 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	198 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 51901 api.gravitec.media — Cisco Umbrella Rank: 38975	2 KB
2	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 26881	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	gstatic.com fonts.gstatic.com	31 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 5674 q.quora.com — Cisco Umbrella Rank: 4055	15 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	8 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3599	6 KB
78	18

	Domain	Requested by
15	www.investmentcover.com	www.investmentcover.com
8	app.frase.io	1 redirects www.investmentcover.com app.frase.io ajax.googleapis.com
7	dns.frase.io	app.frase.io
6	ajax.googleapis.com	app.frase.io
6	cdnjs.cloudflare.com	www.investmentcover.com app.frase.io
5	www.googletagmanager.com	www.investmentcover.com www.googletagmanager.com
3	www.google.nl	www.investmentcover.com
3	connect.facebook.net	www.investmentcover.com connect.facebook.net
3	bat.bing.com	www.investmentcover.com bat.bing.com
2	cdn.gravitec.net	www.googletagmanager.com cdn.gravitec.net
2	www.facebook.com	www.investmentcover.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google.com	www.investmentcover.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	api.gravitec.media	cdn.gravitec.media
1	cdn.gravitec.media	cdn.gravitec.net
1	use.fontawesome.com	app.frase.io
1	conversionapi.investmentcover.com	connect.facebook.net
1	q.quora.com	www.investmentcover.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	a.quora.com	www.investmentcover.com
1	netdna.bootstrapcdn.com	www.investmentcover.com
1	fonts.googleapis.com	www.investmentcover.com
78	25

This site contains links to these domains. Also see Links.

Domain
www.hdfcbank.com
hdfcbank.com
www.facebook.com

Subject Issuer	Validity	Valid
investmentcover.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
frase.io Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
quora.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.quora.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
conversionapi.investmentcover.com Amazon RSA 2048 M03	`2023-10-25` - `2024-11-22`	a year	crt.sh
dns.frase.io Sectigo RSA Domain Validation Secure Server CA	`2023-06-03` - `2024-06-27`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G4	`2023-04-12` - `2024-05-13`	a year	crt.sh
cdn.gravitec.media R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
api.gravitec.media R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Frame ID: B69910EEEDF76A210A3A5465D9C1608D
Requests: 57 HTTP requests in this frame

Frame: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Frame ID: 8D28333CD1118806C09AF0880D04343F
Requests: 19 HTTP requests in this frame

Frame: https://app.frase.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 6D4B1B2998549AE0068E0EAC40A35069
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HDFC Bank Ltd Home Loan -Interest rate @ 8.50% Apply Online

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

78
Requests

99 %
HTTPS

79 %
IPv6

18
Domains

25
Subdomains

24
IPs

5
Countries

1442 kB
Transfer

4119 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.hdfcbank.com/
Title: www.hdfcbank.com

Search URL Search Domain Scan URL

URL: https://hdfcbank.com/personal/useful-links/important-messages/product-features-and-policy
Title: https://hdfcbank.com/personal/useful-links/important-messages/product-features-and-policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/investmentcover/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://app.frase.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://app.frase.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request hdfc-home-loan Show response
www.investmentcover.com/home-loan/ 415 KB
73 KB 508ms
182ms Document
text/html 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8c10a8dba06f55815a676dcfd0adfddd451d0bf01f7fcd9f09a4b6c1f9004f93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Oct 2023 12:05:07 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.29 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 241ms
159ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125964851-1

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84279332e15d70b24a53b2a17a89daeb51d21f3d39dc5455e58619d0a3e634c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 12:05:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 169ms
88ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-771498138

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

495ada10b5e514fb94952d66c8f40e87e14f7051f51696280c3bae53877083fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 12:05:07 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.investmentcover.com/fonts/frontend/ 28 KB
7 KB 465ms
161ms Stylesheet
text/css 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/fonts/frontend/font-awesome.min.css
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:29 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7057-607eccf229da3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6594

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 164ms
83ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,300,700

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 12:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 12:04:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 12:05:07 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.investmentcover.com/css/frontend/ 114 KB
20 KB 488ms
166ms Stylesheet
text/css 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/css/frontend/bootstrap.min.css
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 560a7c1704a189489e7e282b8dd6cf664d43472da54e223faff01063df356145

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1c8c5-607eccf1975de-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19695

GET
H/1.1 200
OK style-new.css
www.investmentcover.com/css/frontend/ 18 KB
4 KB 483ms
161ms Stylesheet
text/css 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/css/frontend/style-new.css
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cf642a8f8d445e4c0050ecee6ca838b648670a58ce33c386aa3436214a52fa07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "472e-607eccf19857e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4140

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/ 15 KB
2 KB 108ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/select2.min.css

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1343348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1640
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0k1H9qzYcryc7pmGqePT4TmdOaTUwamk6vYLt4U6K306WhFoQFpPOhoSv6X04b31Rj9%2BTGCldmVl3LrCm3iEpWYcU0f9m6QnSxUeOBu7Ct2FZ5OaLiz1RdAKCAz%2BkAiUchkgnXlQ0xBH9VyLeDgvS3Du"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ba537358b365f0-AMS
expires: Mon, 14 Oct 2024 12:05:07 GMT

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/ 1 KB
963 B 104ms
33ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/owl.carousel.min.css

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c39dc75c9579402ea4771ce3b7e0e187c5e93dd6af00a660f780695d33e4678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6806316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 301
last-modified: Thu, 22 Jun 2023 11:13:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ce5-12d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0xFd91UFbtLtBwE5DXtRgSZm8ZFQrHQCv%2BgeZXuOnAO8XFxd5voJDaEw7VvEioe3v6xsxLhuLCfjaxFyILm%2Bxx5CErMFhrCN0IxQBm2ng2dyny7tXB1%2FdPFFirsoNmRSDkJN3mieLtclF3Qq5KOoGu8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ba537358b465f0-AMS
expires: Mon, 14 Oct 2024 12:05:07 GMT

GET
H2 200 owl.theme.min.css
cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/ 1 KB
628 B 106ms
36ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/owl.theme.min.css

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83a1a4511df1d69daea6a5f1889b1031fdcbb4bc51a9a8491c7ff6177feca4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1349968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 277
last-modified: Mon, 04 May 2020 16:13:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3f-480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKqI4pU0%2Fh%2FfFGTz7OyYjQxzPAzfxpZ9UaXeWHEQyNPjNO2L9HSRWiWF11t07YlMvvYDcyZZQxjYBGIeLehCdgpevn8K4ruvBeJb1TQ0c8iAHsszPxhXvDfYc97DYLU3KZCclIOAnj97uFFg2R3V2WNz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ba537358b565f0-AMS
expires: Mon, 14 Oct 2024 12:05:07 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 27 KB
6 KB 110ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 6434151
cdn-cachedat: 08/03/2021 17:42:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9026c9e4abb125cb82a6f9e5488a7cfc
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81ba53735b73b98c-AMS
cdn-requestpullsuccess: True

GET
H2 200 bot.js Show response
app.frase.io/js/libraries/ 30 KB
8 KB 554ms
480ms Script
application/javascript 2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.frase.io/js/libraries/bot.js

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e513f8613229979ff3e136b1b4b4db27bda3cc5ee262f265cf1eb11629874326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
x-application-context: application:prod:80
pragma: no-cache
last-modified: Tue, 03 Oct 2023 18:31:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xkb7bEeD%2B1gUA9wYtZvUw2jWoVRdWFs0bHTKVqK2Iik5Luh1gnEbQOai%2BdkTraT%2FGDMuPqC8qlF%2FczMQyyto3SOdPozqz3u0CqEYhKJyC%2BZy0f%2F2oMFCimbh0trSJf9we%2Bq9kIT9hmmilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 81ba53735c100ead-AMS
expires: 0

GET
H/1.1 200
OK logo.png
www.investmentcover.com/images/frontend/ 2 KB
2 KB 488ms
162ms Image
image/png 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentcover.com/images/frontend/logo.png
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 589debbd2495a6ac3d34c37718c99530e52007710bcd0f69086f1c85309bee0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "692-607eccf1acd9f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1682

GET
H/1.1 200
OK for-mobile-home-loan.jpg
www.investmentcover.com/images/frontend/ 20 KB
21 KB 503ms
177ms Image
image/jpeg 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentcover.com/images/frontend/for-mobile-home-loan.jpg
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 658cbd81ebf801cff960c451fcc6c895a22653842ec08c734f4a58c0ffa1114b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "518f-607eccf19e33e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20879

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 169ms
85ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 25 Oct 2023 12:05:07 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A31EB042BDFB429DB01D97E5C512F9CB Ref B: DUS30EDGE0905 Ref C: 2023-10-25T12:05:08Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 140ms
52ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5K5D5V73ZS7WKF9W
age: 666326
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rw0f1miPAMCLlNAO41NiXIRuuLKXZuQCNTA6SepXUCb3S+LfhrErBvxaTYcGMSrXwelERz9adhJO2n34oVD9jaIq1o7rqDunDM4RI5qBYWU=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 81ba53778e51d0c9-AMS
expires: Wed, 25 Oct 2023 16:05:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
88 KB 89ms
84ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGW3WWP

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed11c8a3019b59c06b3dadb4cef661bca542c40b2176b8932faadaf550cd3419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 12:05:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 114ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 12:05:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: b8ENk+9svJa2Ar+AA1UIi3UpwLoFGCTm7dETpVRPbK2TjunpbLI97la60LKQb6s3uySt93JfLJWTNEBBoa1aTg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK facebook.png
www.investmentcover.com/images/frontend/ 10 KB
10 KB 158ms
158ms Image
image/png 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentcover.com/images/frontend/facebook.png
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f901763f74230c76b820a61d43d2ce09573da7c5cf777650b2cb8a2232d6d412

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2819-607eccf1b797f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10265

GET
H/1.1 200
OK jquery.min.js Show response
www.investmentcover.com/js/ 94 KB
33 KB 189ms
184ms Script
application/javascript 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/js/jquery.min.js
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "176f8-607eccf1ba85f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33303

GET
H/1.1 200
OK bootstrap.min.js Show response
www.investmentcover.com/js/frontend/ 36 KB
10 KB 182ms
177ms Script
application/javascript 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/js/frontend/bootstrap.min.js
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "9037-607eccf1ba85f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9748

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/ 66 KB
16 KB 40ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1533073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15961
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-108a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDoEIYgOBlw80GcEO3Z0YaRN5UY0%2BgFij%2BPEyfX53%2BtawWx0iYIs%2FAGtlW7q8RorKBPKL%2FNgPdQ7t8QxYkJiVIF1ZyYpsrs6OPBRShI2zBK5T120T909pQFFsiK4H65lowZs%2BIfWz%2BLbc3GBxSKKT1gv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ba53770ceb65f0-AMS
expires: Mon, 14 Oct 2024 12:05:08 GMT

GET
H/1.1 200
OK loadingoverlay.min.js Show response
www.investmentcover.com/js/ 12 KB
4 KB 174ms
169ms Script
application/javascript 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/js/loadingoverlay.min.js
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 75031fe70e94e5eedb7fba1fc7dbd06ffe1c5c741f3732ae6747d9b23c39e022

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2ea3-607eccf1ba85f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3517

GET
H/1.1 200
OK custom-new.js Show response
www.investmentcover.com/js/frontend/ 1 KB
960 B 185ms
180ms Script
application/javascript 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/js/frontend/custom-new.js
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 690c6be88d14f79d79aeeb27edf1886f0a9cc655c16850cd11b36b2542ccde5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "519-607eccf1ba85f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 611

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/ 23 KB
6 KB 39ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/owl.carousel.min.js

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21826659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5743
last-modified: Mon, 04 May 2020 16:13:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3f-5d52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GNzSdHtHiPodgROfj6N2mniQlJduf87lhbdtPNiQQJ3fFHDQ6XOtSCGMrev%2BWoTXCbi56uzTyu9CUWO40J15YhfR8D8xgx%2FHwQLOgCDzUdhCwllpHP%2FLKLBxlkKz%2BHdlFRqmWRP6%2FbWPgCsFR9Zr7q8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ba53770ced65f0-AMS
expires: Mon, 14 Oct 2024 12:05:08 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.investmentcover.com/js/frontend/ 248 KB
67 KB 191ms
186ms Script
application/javascript 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentcover.com/js/frontend/jquery-ui.min.js
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3dee5-607eccf1ba85f-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 129ms
124ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125964851-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-771498138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a30ba90e54f7fd9b363605cbe29302161618c120ae117aec68d5076c3942aa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 12:05:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/771498138/ 3 KB
2 KB 161ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/771498138/?random=1698235508020&cv=11&fst=1698235508020&bg=ffffff&guid=ON&async=1&gtm=45be3an0v887801800&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&hn=www.googleadservices.com&frm=0&tiba=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&auid=1879458413.1698235508&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-771498138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a204785914fb9050107e556bc452b3ebf8f39be77a47acc73cbba4c9c370dddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1428
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 102ms
98ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P04Y2HFW41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125964851-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

453ead198824dbce266aad7d9c602edb044ea910bc99f92ded96155f6056e1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 12:05:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 234ms
53ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125964851-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 11:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 13:49:42 GMT

GET
H/1.1 200
OK for-desktop-home-loan.jpg
www.investmentcover.com/images/frontend/ 30 KB
30 KB 169ms
166ms Image
image/jpeg 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentcover.com/images/frontend/for-desktop-home-loan.jpg
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/css/frontend/style-new.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5ab7a3e9efdbe88575446f57abd7a3e0e1e916064701f68ad1d936085529be73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/css/frontend/style-new.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7666-607eccf1a027e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 30310

GET
H/1.1 200
OK normal-state-star.svg
www.investmentcover.com/images/frontend/ 2 KB
2 KB 322ms
159ms Image
image/svg+xml 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentcover.com/images/frontend/normal-state-star.svg
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 18cd779e9c3e4197ff04065e208727b2e72798bf2526db8b479777114b06de99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "8d6-607eccf19e33e"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2262

GET
H/1.1 200
OK facebook-n.svg
www.investmentcover.com/images/frontend/ 3 KB
3 KB 321ms
158ms Image
image/svg+xml 13.127.116.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentcover.com/images/frontend/facebook-n.svg
Requested by: Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.127.116.214 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-116-214.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 65697bcedab5ba98bd5274115c2a79c79262912b5bcf986a4ad4f72ba00fa969

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Last-Modified: Tue, 17 Oct 2023 17:25:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "b46-607eccf1a8f1f"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2886

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 155ms
67ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.investmentcover.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 150385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 18:18:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 176ms
88ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.investmentcover.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 133381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:02:07 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/35dd6c513c194bab94c4d8c59ed128f6/ 43 B
424 B 504ms
111ms Image
image/gif 52.71.73.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/35dd6c513c194bab94c4d8c59ed128f6/pixel?j=1&u=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&tag=ViewContent&ts=1698235508443

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.73.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-73-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 12:05:08 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,d84f56ba8ec926ee1aa9746951a77d21,10.0.0.156,28860,31.204.153.185,,168322896577,1,1698235508.904,0.002,,.,0,0,0.000,0.004,-,0,0,197,204,102,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/771498138/ 42 B
455 B 226ms
70ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/771498138/?random=1698235508020&cv=11&fst=1698235200000&bg=ffffff&guid=ON&async=1&gtm=45be3an0v887801800&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&frm=0&tiba=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3737732472&rmt_tld=0&ipr=y

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/771498138/ 42 B
455 B 146ms
46ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/771498138/?random=1698235508020&cv=11&fst=1698235200000&bg=ffffff&guid=ON&async=1&gtm=45be3an0v887801800&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&frm=0&tiba=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3737732472&rmt_tld=1&ipr=y

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 20130862.js Show response
bat.bing.com/p/action/ 0
117 B 71ms
53ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/20130862.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 25 Oct 2023 12:05:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2C360EBD69F420D813D37EB94462A32 Ref B: DUS30EDGE0905 Ref C: 2023-10-25T12:05:08Z
x-cache: CONFIG_NOCACHE

GET
H2 200 1367407223876919 Show response
connect.facebook.net/signals/config/ 116 KB
31 KB 34ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1367407223876919?v=2.9.135&r=stable&domain=www.investmentcover.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bbc9c455df8fb3b5f25240782adcd81bf6addf58b66f7b1b77fcb921debd698

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 12:05:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31418
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: l1Nh1DTemyUay9uw47rfc00TtA1rbrsfbI5tyyRa8FRvmvBCvcP/Wm/XuAat52SxxzNdDu34t9/2UFY4kq+p4Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 84ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P04Y2HFW41&gtm=45je3an0v884750269z8830330095&_p=1679737456&_gaz=1&cid=410923455.1698235509&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1698235508&sct=1&seg=0&dl=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&dt=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P04Y2HFW41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentcover.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 110ms
33ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P04Y2HFW41&cid=410923455.1698235509&gtm=45je3an0v884750269z8830330095&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P04Y2HFW41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentcover.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 59ms
58ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P04Y2HFW41&cid=410923455.1698235509&gtm=45je3an0v884750269z8830330095&aip=1&z=127772407

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 65ms
65ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1679737456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&ul=en-us&de=UTF-8&dt=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=416790972&gjid=831956464&cid=410923455.1698235509&tid=UA-125964851-1&_gid=1436693474.1698235509&_r=1&gtm=457e3an0&jsscut=1&z=1686841769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.investmentcover.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentcover.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 382511432851734 Show response
connect.facebook.net/signals/config/ 364 KB
113 KB 34ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/382511432851734?v=2.9.135&r=stable&domain=www.investmentcover.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70ae07022dab7c5469e2aafc5f9daba85832301a36afdd8a793e671cb3f0744d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 12:05:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 115888
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: g6tuSdwgcjld74uhxMuNq0Kx8QLKAfyU88aGPVqgcHuyUIwmOJr+KwDAepznI6Icmp+1DDx20BDZQMx0g0FtGg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 104ms
34ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1367407223876919&ev=PageView&dl=https%3A%2F%2Fwww.investmentcover.com&rl=&if=false&ts=1698235508685&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=28&fbp=fb.1.1698235508682.2116963367&pm=1&hrl=092350&ler=empty&it=1698235508530&coo=false&cs_cc=1&cas=7312229862144403&rqm=GET

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Oct 2023 12:05:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 34ms
33ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-125964851-1&cid=410923455.1698235509&jid=416790972&gjid=831956464&_gid=1436693474.1698235509&_u=YADAAUAAAAAAACAAI~&z=2106545065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.investmentcover.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Oct 2023 12:05:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentcover.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 86ms
85ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-125964851-1&cid=410923455.1698235509&jid=416790972&_u=YADAAUAAAAAAACAAI~&z=273998520

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-125964851-1&cid=410923455.1698235509&jid=416790972&_u=YADAAUAAAAAAACAAI~&z=273998520

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 a09262eaabc4248230025774cd8db0b4d1456bf54ec9663387c6ea186ac6823c Show response
conversionapi.investmentcover.com/events/ 0
365 B 534ms
171ms XHR
text/plain 2406:da1a:778:e600:4115:1bd5:6229:c66c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://conversionapi.investmentcover.com/events/a09262eaabc4248230025774cd8db0b4d1456bf54ec9663387c6ea186ac6823c
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/382511432851734?v=2.9.135&r=stable&domain=www.investmentcover.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da1a:778:e600:4115:1bd5:6229:c66c Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.investmentcover.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.investmentcover.com
date: Wed, 25 Oct 2023 12:05:09 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 34ms
33ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=382511432851734&ev=PageView&dl=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&rl=&if=false&ts=1698235508833&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698235508682.2116963367&ler=empty&eid=ob3_plugin-set_90415e8f63577078ce7be742e5d295931cc423efafe2db3ce82ef878f951c348&it=1698235508530&coo=false&rqm=GET

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Oct 2023 12:05:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 56ccc59083474d50907915bf54d6f77e Show response
app.frase.io/bot/home/ Frame 8D28 3 KB
2 KB 123ms
123ms Document
text/html 2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Requested by

Host: app.frase.io
URL: https://app.frase.io/js/libraries/bot.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee500b71642b0ab8d8586c614c02cd37e9e2afaea108758432dd20dfc75caf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.investmentcover.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ba537a6c5c0ead-AMS
content-encoding: br
content-language: nl-NL
content-type: text/html;charset=utf-8
date: Wed, 25 Oct 2023 12:05:08 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNnyDDQqXROaHaj8Ii0VZKjRHBExaqx98xKfRIwnD79xLPULxaWXXCgk78LaSEjo3ZJJXgRhR8oal3cTcHNpdv2OHze7tUmQ2BWzMJQDzkmNic3xuzwyYtzIOSDiQBbd6FmDuuqO7MzB6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, User-Agent
x-application-context: application:prod:80
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
286 B 69ms
69ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=20130862&Ver=2&mid=f9247c5f-ce85-4205-9146-51784528c2d8&sid=be11c940732e11eeb30997e65b23cd55&vid=be11ef50732e11ee9bfcc3c872a9d7fc&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&kw=HDFC%20Bank%20Housing%20Loan,%20Home%20Loan,%20HDFC%20Home%20Loan&p=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&r=&lt=1826&evt=pageLoad&sv=1&rn=454972

Requested by

Host: www.investmentcover.com
URL: https://www.investmentcover.com/home-loan/hdfc-home-loan?utm_source=twinedigital&utm_medium=223&utm_campaign=HDFCHL&utm_content=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 25 Oct 2023 12:05:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 917B43D4160149E480D387C63BB1D3EE Ref B: DUS30EDGE0905 Ref C: 2023-10-25T12:05:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 8D28 94 KB
33 KB 253ms
175ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 07:17:49 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ Frame 8D28 235 KB
235 KB 212ms
134ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:09:18 GMT
x-content-type-options: nosniff
age: 6951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240427
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 10:09:18 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.3.3/ Frame 8D28 121 KB
45 KB 139ms
61ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.3.3/angular.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590ed104ae8ea2018e3f63d8993e42a4e4f2219262bbd29a030795c8abdbbafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45851
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 02:08:09 GMT

GET
H2 200 angular-cookies.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.3.3/ Frame 8D28 824 B
919 B 278ms
200ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.3.3/angular-cookies.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e181343fffb4c20f926044d598e388e4ddcc0029ad246b960021597dd3ded49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:21:24 GMT
x-content-type-options: nosniff
age: 405825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 824
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 19:21:24 GMT

GET
H2 200 angular-resource.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.3.3/ Frame 8D28 3 KB
2 KB 277ms
199ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.3.3/angular-resource.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

362060ddac9d2e10ad315247d9c4408d8e4dfaf58cb1f46da3c7307a173cced9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 03:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1785
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 03:55:15 GMT

GET
H2 200 angular-sanitize.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.3.3/ Frame 8D28 6 KB
3 KB 275ms
198ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.3.3/angular-sanitize.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba320e277309515c077a8c35fd940fa599cc2a0f18d2658c344867a43a6d1bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 10:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 10:04:12 GMT

GET
H3 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.15/ Frame 8D28 30 KB
11 KB 35ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.15/angular-ui-router.min.js

Requested by

Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa3d73a4067cf98ff271cc9ce5c826f7dadf8afe4df67be2330133f872c73e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4186314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10226
last-modified: Thu, 22 Jun 2023 10:45:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494262f-27f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFBLExfMxADYqw8KeADQZU06ocA6oJ0V1a1ISb30F%2F9%2Bj%2F9BfKTwSylGVgfH3cC3bhoRtjforFuSpz2ZZ53fYk7FsY7obUPwhGRxp66cfhnszwgIb3K0JXYpXsmXebECkd4X%2FrYUNwx0ZDsrKQRfA8Or"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ba537b3e98655e-AMS
expires: Mon, 14 Oct 2024 12:05:09 GMT

GET
H2 200 google_fonts.min.versioning1598399392.css
dns.frase.io/core_platform/css/minified_files/ Frame 8D28 11 KB
2 KB 126ms
34ms Stylesheet
text/css 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/core_platform/css/minified_files/google_fonts.min.versioning1598399392.css
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d96123aa8b56bd0e5b8b65fdb90d02666ec1386c00f18436820e5fc8f4b43d02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:36:11 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Mon, 26 Oct 2020 20:54:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 30539
etag: W/"8e695464845a68236bdabc7782957678"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: XOtIzg0mNE6S0uSaSChVyUzNlYVa94yu1WXIf7Dr3yJyYEPDxIog5A==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.7/css/ Frame 8D28 35 KB
8 KB 92ms
35ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7SC92HVDT9N0EQ29
age: 706183
alt-svc: h3=":443"; ma=86400
x-amz-id-2: x/XOoSNX10SZI6WUkdQmA93GY6376O+gtM0xmyjjP83xcMPshADhZ1H04rRH7lvFWxRh6maGPhE=
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
server: cloudflare
etag: W/"16f4f6797931e43125885e1741f125a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB3iMGIVhw%2B5UAyCOEq5otTvjbX9VsNKZ7wEJU3nNObqlMedBjHphBL8McFx%2F0HK9uPFp0GT%2B0WUoPUzqo77BXBBPlhNsjHn4ZL%2B58dEH2pJBAmuiIAMF%2BdDLiJ4aBGvaU8GPy88vwch9QqCiU6fYmyd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 81ba537b9811b7b8-AMS

GET
H2 200 frase_bot_app.min.versioning1653864191.js Show response
dns.frase.io/frase_bot/minified_files/ Frame 8D28 319 B
662 B 128ms
37ms Script
application/javascript 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/frase_bot/minified_files/frase_bot_app.min.versioning1653864191.js
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a266193dd8162289e3583d6d9942734f38f09e770b974c187545660981b5abf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:22:48 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Mon, 30 May 2022 20:26:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 70942
etag: "b832bcda60b25068e7a7056c0ad6ecc9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 319
x-amz-cf-id: WUulJR3wlIbmHxMPj4aSMi_wGOm3beZ4FdX_TUZzp_220viJ7_W1kg==

GET
H2 200 bot_controller.min.versioning1693325157.js Show response
dns.frase.io/frase_bot/controllers/minified_files/ Frame 8D28 20 KB
7 KB 130ms
39ms Script
application/javascript 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/frase_bot/controllers/minified_files/bot_controller.min.versioning1693325157.js
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7762c12ae5e248e6f2d521f58ed086a6dc00ba364802aaa58906f20cb357ae5a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 04:51:53 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 16:05:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 30539
x-amz-server-side-encryption: AES256
etag: W/"b2484a4106ab408c35f75dd7c056904b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VnX6HvEJAiDt-jJI0Q9n4SrQpwghGp4IMvz8DoGV-L3_CCuZiSKW3g==

GET
H2 200 moment.min.versioning1603761048.js Show response
dns.frase.io/js/libraries/minified_files/ Frame 8D28 52 KB
17 KB 136ms
45ms Script
application/javascript 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/js/libraries/minified_files/moment.min.versioning1603761048.js
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aec1b18eb96d8ec095a7d63850344a7789f85280e95bbb4aecca0e08e9245647

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 05:46:39 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 01:10:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 22711
etag: W/"26c810941b2a6d0c7348ad9444bfb185"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pKripyAFWDCM7uGfGfdawJzFuYXAlf2QDJCX46CGr-A5gA2-dUFgmg==

GET
H2 200 moment_timezones.min.js Show response
dns.frase.io/js/libraries/minified_files/ Frame 8D28 191 KB
29 KB 161ms
70ms Script
application/javascript 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/js/libraries/minified_files/moment_timezones.min.js
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bb2c47d86b9ea9b2e1f310d9f7594354e2fd02b9676edff0cfdf485c0a470f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:56:18 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jun 2021 22:10:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 75643
etag: W/"137ec70458d5335daf4f096f04025000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: SnOmKW7ri7O17ELxFLf9SvgbRZJtVVFFT-jro48umTKnQMur0pkS7w==

GET
H2 200 webfont.min.versioning1603761048.js Show response
dns.frase.io/js/libraries/minified_files/ Frame 8D28 12 KB
5 KB 167ms
76ms Script
application/javascript 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/js/libraries/minified_files/webfont.min.versioning1603761048.js
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28e12df4d80aee11b6aa79d8b76ca28e55ebebda668bd62c1da6c651d294f2c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 06:26:54 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 01:11:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 20295
etag: W/"e020ba27681af4c679442ae60d029ce4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gnBNoCRMNfyuyZtEKN85fhVRu78SotX1izPyF-JnPs4Uht5tWlr4Ng==

GET
H2 200 bot.min.versioning1654887009.css
dns.frase.io/frase_bot/css/minified_files/ Frame 8D28 7 KB
2 KB 126ms
35ms Stylesheet
text/css 2600:9000:211e:e00:e:7dd8:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.frase.io/frase_bot/css/minified_files/bot.min.versioning1654887009.css
Requested by: Host: app.frase.io
URL: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:e:7dd8:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0af3cb51b87e7659145fe4cd594457f8168da87bc8d64c2d8b17aa2677cbde0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 15:04:27 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:50:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 75643
etag: W/"ff06bf5b298684011bf10a354b0fdb19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: cBvrPEeiNH5wNRPWPIIcGR-syK3-eW1aJ4sbD8Sv44pQzaUSxRjKbw==

GET
H2 200 bot-home.html Show response
app.frase.io/frase_bot/html/ Frame 8D28 20 KB
4 KB 129ms
129ms XHR
text/html 2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.frase.io/frase_bot/html/bot-home.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.3/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8476329e80f5538da2f16adb783967c3960c20730b4533f2b3e11410e3965d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html
Referer: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
x-application-context: application:prod:80
pragma: no-cache
last-modified: Tue, 03 Oct 2023 18:31:35 GMT
server: cloudflare
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyOE3TqUcnGODRua6lzI7fGd3mRmXpzqQOA9WcDDY%2FSrAPP9cQfu0%2B7fJAIgJua4oYUtHeRg0A%2F7FVZO48t3rtgwElovGj2%2F1kI7tpikXWWuTcnWHhXDZ%2FWzpYBbbv6swipOTp8bqVgjEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 81ba537dd8250ead-AMS
expires: 0

GET
H2

200

main.js Show response
app.frase.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 6D4B
Redirect Chain

https://app.frase.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://app.frase.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

7 KB
4 KB

35ms
34ms

Script
application/javascript

2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.frase.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Protocol

Server

2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69224cc1a21e3b65cd12e00876f2d0f2446e262a1c6f79b4bb36dcb87067996b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9SM0tSW7knS8Ma%2F1Ob%2BsgqPiC%2FpyLURn1gzGpKmiOxQ73TQawGhlqmvDvtJrvT2rVjGI3%2BqseVl1cImDJ0vlUtrzGzYZlvUskTgMtVbybll5d5pIj%2BLkyFx%2FyNnSK%2Ba%2FkIRpY0Dudn0FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81ba537e48b40ead-AMS

Redirect headers

date: Wed, 25 Oct 2023 12:05:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8CgUrCMvISy7bw2dlxIkGL2%2BYZshZyjq23GB4OGd5h7uf3FwC1StoiL2y1eCzcBRbzOmBdqgbEHnK3p58AaweG8AvqBy6SNkxG5XSvqv%2BrwP5Qg6hnJv%2FhORDJtEXA4CkdIP1tvZFpUew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control: max-age=300, public
cf-ray: 81ba537de8340ead-AMS

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/762889780c98eceb255f3582210c39f0/ 64 KB
18 KB 114ms
52ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/762889780c98eceb255f3582210c39f0/client.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGW3WWP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b92fb60caecb20bef555b90b71b1206316775e94be1d29e44145fb2b6145a91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 02 Sep 2023 23:05:29 GMT
date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2023 14:02:02 GMT
server: nginx
etag: W/"64f09d5a-1006b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

POST
H2 200 81ba537a6c5c0ead Show response
app.frase.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6D4B 0
521 B 95ms
95ms XHR
text/plain 2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.frase.io/cdn-cgi/challenge-platform/h/g/jsd/r/81ba537a6c5c0ead
Requested by: Host: app.frase.io
URL: https://app.frase.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81ba537fca7c0ead-AMS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFrEYybqVZD9Cia88tD7A5Ncn%2FPuys9tpvuEI3St%2FaDLqpKl8Kv%2Bcg99rzYZko5wNyBdAPqZn8l2D%2FXGc9z0DvBkYQ03WhpMPvNBdFF79roUARg0iQXe%2Bil7%2B3CBrHxwjX87FtrBPSFyzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 %7B%7Binteraction.answers[0].product_image%7D%7D
app.frase.io/bot/ Frame 8D28 3 KB
3 KB 123ms
123ms Image
text/html 2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.frase.io/bot/%7B%7Binteraction.answers[0].product_image%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
x-application-context: application:prod:80
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbSNssyiePYsG9sGcMfoXQK8%2BacDU4x51mcIgjD9bkxaypvw6PUT3NJwnFAGuvVBfg7rNNPIjpxVHl9%2FxHHkAXBafp3z97Kr0L1yo05zvlc5qW2%2Fr8k5zKDIVglbhw6oRIyg4yC%2FD2Ux9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
content-language: nl-NL
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 81ba53801aee0ead-AMS
expires: 0

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
924 B 100ms
36ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=762889780c98eceb255f3582210c39f0
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/762889780c98eceb255f3582210c39f0/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 265c808c1c131dab2e82423bfb4fa2532b8231663a092ff15c7ef6d328f78066

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:05:09 GMT
x-correlation-id: 659d437a94c5e3c69dc1cc82f97f9dab
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

POST
H2 200 getQaBotsForOrg Show response
app.frase.io/ Frame 8D28 4 KB
2 KB 141ms
141ms XHR
application/json 2606:4700:20::ac43:4ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.frase.io/getQaBotsForOrg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.3/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc3d13e57f90e85ead1f187428dbe2cd5fb118de497fdd2d7e5e302bebeeb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.frase.io/bot/home/56ccc59083474d50907915bf54d6f77e
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHDilIvoQyvjd2FRwGutM7%2BsRkszkQ0ahdM1nJZ%2FEp2sgn3B20vXqGiAWEI4a0bSb%2Fl4abwTyhx2gpqPJq5c9xYw0HGT5%2BT5lrCtRgGP%2Bd1X56%2F68mN5hOv%2BWq4bX%2BpGYDgvKq3%2Bt%2FPMUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 81ba53804b1c0ead-AMS
x-xss-protection: 1; mode=block
x-application-context: application:prod:80
expires: 0

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 102ms
37ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/762889780c98eceb255f3582210c39f0/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Tue, 23 Jan 2024 12:05:09 GMT
date: Wed, 25 Oct 2023 12:05:09 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 223ms
31ms Fetch 3.78.238.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=762889780c98eceb255f3582210c39f0&user_id=a091150e-3c05-4ce5-b35e-d680286bd456&utmb=90ae5c71-1ebf-46f6-a7fd-431ccae8ec25&path=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.78.238.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-78-238-50.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:10 GMT
x-correlation-id: 479842628b8d1df1d9b28aa0b543ee8b
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P04Y2HFW41&gtm=45je3an0v884750269&_p=1679737456&cid=410923455.1698235509&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAK&_s=2&sid=1698235508&sct=1&seg=1&dl=https%3A%2F%2Fwww.investmentcover.com%2Fhome-loan%2Fhdfc-home-loan%3Futm_source%3Dtwinedigital%26utm_medium%3D223%26utm_campaign%3DHDFCHL%26utm_content%3Demail&dt=HDFC%20Bank%20Ltd%20Home%20Loan%20-Interest%20rate%20%40%208.50%25%20Apply%20Online&en=page_view&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P04Y2HFW41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.investmentcover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 12:05:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentcover.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.conversionapi.investmentcover.com/events/a09262eaabc4248230025774cd8db0b4d1456bf54ec9663387c6ea186ac6823c	1970-01-20 17:53:31	Name: cee Value: fGl9j9CVhu%2BkrmvtMLR1%2FnMpRD9uFC21Md8x8vGjasc%3D.%7B%22cee_id%22%3A%22cee.1698235509286.90065%22%7D
.investmentcover.com/	1970-01-20 17:53:31	Name: _gcl_au Value: 1.1.1879458413.1698235508
.doubleclick.net/	1970-01-20 15:43:56	Name: test_cookie Value: CheckForPermission
.investmentcover.com/	1970-01-21 01:19:55	Name: _ga_P04Y2HFW41 Value: GS1.1.1698235508.1.1.1698235508.60.0.0
.investmentcover.com/	1970-01-21 01:19:55	Name: _ga Value: GA1.2.410923455.1698235509
.investmentcover.com/	1970-01-20 15:45:21	Name: _gid Value: GA1.2.1436693474.1698235509
.investmentcover.com/	1970-01-20 15:43:55	Name: _gat_gtag_UA_125964851_1 Value: 1
.investmentcover.com/	1970-01-20 17:53:31	Name: _fbp Value: fb.1.1698235508682.2116963367
.investmentcover.com/	1970-01-20 15:45:21	Name: _uetsid Value: be11c940732e11eeb30997e65b23cd55
.investmentcover.com/	1970-01-21 01:05:31	Name: _uetvid Value: be11ef50732e11ee9bfcc3c872a9d7fc
.bing.com/	1970-01-21 01:05:31	Name: MUID Value: 1FD2CDED7716609311A1DE5876BC61B3
www.investmentcover.com/	1970-01-20 16:27:07	Name: frase_cookie Value: d8400d541770139b
.frase.io/	1970-01-21 00:29:31	Name: cf_clearance Value: lf9bNHUC0EbcgwDD7FEgCrs8cKtbOrcoKAkLQm7892U-1698235509-0-1-eba7d4c2.2ea56ce3.bca68b22-0.2.1698235509
app.frase.io/	1970-01-20 15:54:00	Name: AWSALBCORS Value: ry+rFj1xG/Uxx9pWXC87TzsYSYxOuNhYBOXbLp9VTfHd+c3u5fe2IRNPfBrZ9Q6aK/52zXAwV2LKEItzrZjOATiHQ5DmkQdAm1IcZ8UXP88oDSRqBSW9ArjOtE9r
www.investmentcover.com/	1970-01-21 01:19:55	Name: GN_USER_ID_KEY Value: a091150e-3c05-4ce5-b35e-d680286bd456
www.investmentcover.com/	1970-01-20 15:43:57	Name: GN_SESSION_ID_KEY Value: 90ae5c71-1ebf-46f6-a7fd-431ccae8ec25
www.investmentcover.com/	1970-01-20 15:44:02	Name: XSRF-TOKEN Value: eyJpdiI6Ikk5M29LV1N5Mlh2SmZnRUxXc2MyQWc9PSIsInZhbHVlIjoiam1zb0lVZzVCWUlqQUJMRUZTMnMxNXdvNjhHTDNKRnNvTmxiRHlkU1wvWkNnOTJ3WnEyUDJxOVJqS3RQOXdNRFwvQjdMdk53WmV4WGwyMDdSdXBwQ0lodz09IiwibWFjIjoiM2FjMWZjZGM0MTNiOWViM2ZlYmQ0NmVmZDliYjA5YzRjMDhkMGMwNDk1ZjJjZWI2NjNhY2JlODc1OTA0ZWYzNiJ9
www.investmentcover.com/	1970-01-20 15:44:02	Name: investmentcover_session Value: eyJpdiI6IklGaUZpR3IxRnFsdGdxZ1NvUXlId1E9PSIsInZhbHVlIjoiVGZNcVdubmVtdFwvMlozQnFveDV3dlZBSllkXC9Zejd1N054RlZlcDJNa1BEcDAwQkJNR1FZVmxmXC9GVzIzWXRlU0RPMlwvOSs2S0l6R3lBMkNVQ1BqMlVRPT0iLCJtYWMiOiJlMzM1YzQ3ODE5ZWU3OWEwZTRjYmZmZTNhYWFkZjdjMWEzZDk3YjZiMjZmYTBhOTM0YjNjZTYxZTc1NGY4MmZkIn0%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
ajax.googleapis.com
api.gravitec.media
app.frase.io
bat.bing.com
cdn.gravitec.media
cdn.gravitec.net
cdnjs.cloudflare.com
connect.facebook.net
conversionapi.investmentcover.com
dns.frase.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
netdna.bootstrapcdn.com
q.quora.com
region1.analytics.google.com
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.investmentcover.com
13.127.116.214
162.159.152.17
2001:4860:4802:32::36
2406:da1a:778:e600:4115:1bd5:6229:c66c
2600:9000:211e:e00:e:7dd8:8180:93a1
2606:4700:20::ac43:4ada
2606:4700::6811:190e
2606:4700::6812:bcf
2606:4700:e0::ac40:660b
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c06::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.78.238.50
45.133.44.4
52.71.73.22
0af3cb51b87e7659145fe4cd594457f8168da87bc8d64c2d8b17aa2677cbde0a
0b92fb60caecb20bef555b90b71b1206316775e94be1d29e44145fb2b6145a91
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
18cd779e9c3e4197ff04065e208727b2e72798bf2526db8b479777114b06de99
1bbc9c455df8fb3b5f25240782adcd81bf6addf58b66f7b1b77fcb921debd698
1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
265c808c1c131dab2e82423bfb4fa2532b8231663a092ff15c7ef6d328f78066
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
28e12df4d80aee11b6aa79d8b76ca28e55ebebda668bd62c1da6c651d294f2c3
2dc3d13e57f90e85ead1f187428dbe2cd5fb118de497fdd2d7e5e302bebeeb15
362060ddac9d2e10ad315247d9c4408d8e4dfaf58cb1f46da3c7307a173cced9
453ead198824dbce266aad7d9c602edb044ea910bc99f92ded96155f6056e1f9
495ada10b5e514fb94952d66c8f40e87e14f7051f51696280c3bae53877083fc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560a7c1704a189489e7e282b8dd6cf664d43472da54e223faff01063df356145
589debbd2495a6ac3d34c37718c99530e52007710bcd0f69086f1c85309bee0a
590ed104ae8ea2018e3f63d8993e42a4e4f2219262bbd29a030795c8abdbbafe
5ab7a3e9efdbe88575446f57abd7a3e0e1e916064701f68ad1d936085529be73
65697bcedab5ba98bd5274115c2a79c79262912b5bcf986a4ad4f72ba00fa969
658cbd81ebf801cff960c451fcc6c895a22653842ec08c734f4a58c0ffa1114b
690c6be88d14f79d79aeeb27edf1886f0a9cc655c16850cd11b36b2542ccde5d
69224cc1a21e3b65cd12e00876f2d0f2446e262a1c6f79b4bb36dcb87067996b
6bb2c47d86b9ea9b2e1f310d9f7594354e2fd02b9676edff0cfdf485c0a470f9
6ee500b71642b0ab8d8586c614c02cd37e9e2afaea108758432dd20dfc75caf0
70ae07022dab7c5469e2aafc5f9daba85832301a36afdd8a793e671cb3f0744d
75031fe70e94e5eedb7fba1fc7dbd06ffe1c5c741f3732ae6747d9b23c39e022
7762c12ae5e248e6f2d521f58ed086a6dc00ba364802aaa58906f20cb357ae5a
7c39dc75c9579402ea4771ce3b7e0e187c5e93dd6af00a660f780695d33e4678
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
84279332e15d70b24a53b2a17a89daeb51d21f3d39dc5455e58619d0a3e634c0
8476329e80f5538da2f16adb783967c3960c20730b4533f2b3e11410e3965d6b
8c10a8dba06f55815a676dcfd0adfddd451d0bf01f7fcd9f09a4b6c1f9004f93
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
a204785914fb9050107e556bc452b3ebf8f39be77a47acc73cbba4c9c370dddb
a266193dd8162289e3583d6d9942734f38f09e770b974c187545660981b5abf0
a30ba90e54f7fd9b363605cbe29302161618c120ae117aec68d5076c3942aa4b
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
aec1b18eb96d8ec095a7d63850344a7789f85280e95bbb4aecca0e08e9245647
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
ba320e277309515c077a8c35fd940fa599cc2a0f18d2658c344867a43a6d1bd2
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
caa3d73a4067cf98ff271cc9ce5c826f7dadf8afe4df67be2330133f872c73e8
cf642a8f8d445e4c0050ecee6ca838b648670a58ce33c386aa3436214a52fa07
d83a1a4511df1d69daea6a5f1889b1031fdcbb4bc51a9a8491c7ff6177feca4e
d96123aa8b56bd0e5b8b65fdb90d02666ec1386c00f18436820e5fc8f4b43d02
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e181343fffb4c20f926044d598e388e4ddcc0029ad246b960021597dd3ded49a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e513f8613229979ff3e136b1b4b4db27bda3cc5ee262f265cf1eb11629874326
ed11c8a3019b59c06b3dadb4cef661bca542c40b2176b8932faadaf550cd3419
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f901763f74230c76b820a61d43d2ce09573da7c5cf777650b2cb8a2232d6d412

www.investmentcover.com Open in urlscan Pro 13.127.116.214 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

79 %IPv6

18 Domains

25 Subdomains

24 IPs

5 Countries

1442 kBTransfer

4119 kBSize

18 Cookies

3 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.investmentcover.com Open in urlscan Pro
13.127.116.214 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

79 %
IPv6

18
Domains

25
Subdomains

24
IPs

5
Countries

1442 kB
Transfer

4119 kB
Size

18
Cookies

78 HTTP transactions
0 data transactions