urlscan.io logo urlscan.io
SecurityTrails logo

billingsmortgageandinsurance.eligible.ai Open in urlscan Pro
52.212.52.84  Public Scan

Go To Rescan Add Verdict Report
URL: https://billingsmortgageandinsurance.eligible.ai/
Submission: On January 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 52.212.52.84, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is billingsmortgageandinsurance.eligible.ai.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.
This is the only time billingsmortgageandinsurance.eligible.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 52.212.52.84 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 3
Apex Domain
Subdomains		 Transfer
13 eligible.ai
billingsmortgageandinsurance.eligible.ai
api.eligible.ai
983 KB
2 gstatic.com
fonts.gstatic.com
63 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
1 KB
16 3
Domain Requested by
8 billingsmortgageandinsurance.eligible.ai billingsmortgageandinsurance.eligible.ai
5 api.eligible.ai billingsmortgageandinsurance.eligible.ai
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com billingsmortgageandinsurance.eligible.ai
16 4

This site contains links to these domains. Also see Links.

Domain
ico.org.uk
billingsmortgageandinsuranceservicesltd.co.uk
www.sesame.co.uk
Subject Issuer Validity Valid
billingsmortgageandinsurance.eligible.ai
R3		 2023-01-09 -
2023-04-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
api.eligible.ai
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://billingsmortgageandinsurance.eligible.ai/
Frame ID: 839FAD992AF511E9681CD4352B250EFD
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Billings Mortagage & InsuranceCookiesPlayChevron Down

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

1046 kB
Transfer

3162 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
billingsmortgageandinsurance.eligible.ai/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa6e62b6d694e39f1a978dcdbc93c26d366e9a485f2701177e5b91af4ae1b5c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Jan 2023 12:31:24 GMT
Etag
W/"63b837d4-647"
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Referrer-Policy
same-origin
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Xss-Protection
1; mode=block
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i,600,600i,700,700i
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
291c648b9e5c84460b73a68cc4fa7f79084bac076c08871907eea60358c72128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Jan 2023 12:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 12:31:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Jan 2023 12:31:25 GMT
main.ff933cad.js
billingsmortgageandinsurance.eligible.ai/static/js/ 		2 MB
699 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7e494ce1c57291d88fda57931a54f099963c789d9ee20c4d8c746bf43940177
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:24 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Jan 2023 11:24:02 GMT
Server
nginx
Etag
W/"63bbf952-2077ac"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/x-javascript
main.25f1e923.css
billingsmortgageandinsurance.eligible.ai/static/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/css/main.25f1e923.css
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c185a8225291a62971c722552a8254664f9b2c08d52a9f6a7d92617972919561
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Server
nginx
Etag
W/"63b837d4-1ac76"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/css
/
api.eligible.ai/api-v1/me/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eligible.ai/api-v1/me/
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
5c2219082b834226a77ba846c78ae46e50eec8f4a859d4c6b30b260b82c10d29
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=60; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Via
1.1 vegur
Server
gunicorn
Vary
Cookie, Origin
Allow
GET, HEAD, OPTIONS
Content-Type
application/json
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://billingsmortgageandinsurance.eligible.ai
Connection
keep-alive
Content-Length
3423
X-Xss-Protection
1; mode=block
/
api.eligible.ai/api-v1/content/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eligible.ai/api-v1/content/
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
9838bfa6c624c0eeddfcbd0b5eb2b71a7c11a80947984ff0e958e6add1cd6598
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=60; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Via
1.1 vegur
Server
gunicorn
Vary
Cookie, Origin
Allow
GET, HEAD, OPTIONS
Content-Type
application/json
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://billingsmortgageandinsurance.eligible.ai
Connection
keep-alive
Content-Length
3434
X-Xss-Protection
1; mode=block
904.ebecdd0b.chunk.js
billingsmortgageandinsurance.eligible.ai/static/js/ 		368 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/js/904.ebecdd0b.chunk.js
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
93a3b8d08cee2232694dd3e793fc8dadf088304838a8fb2ec7b4392e34e2bbd1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Server
nginx
Etag
W/"63b837d4-5c0e4"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/x-javascript
493.9be83815.chunk.js
billingsmortgageandinsurance.eligible.ai/static/js/ 		128 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/js/493.9be83815.chunk.js
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3505ba2e54eca5b55eb19f5c46122d57cbc58c9da7d2937b623736ff891e687d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Server
nginx
Etag
W/"63b837d4-1ffcd"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/x-javascript
763.899d027b.chunk.js
billingsmortgageandinsurance.eligible.ai/static/js/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/js/763.899d027b.chunk.js
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe29b347054bac0275c7e21c4151056d92e492f2d0201759c63b5f6fa79723e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Server
nginx
Etag
W/"63b837d4-b5ea"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/x-javascript
761.9e4b1a8f.chunk.css
billingsmortgageandinsurance.eligible.ai/static/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/css/761.9e4b1a8f.chunk.css
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f9be19a07e19ca84cc87940ae0eb407101098971f42e9b3a9c169639eefe3d8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Server
nginx
Etag
W/"63b837d4-14e92"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/css
761.bc60e25b.chunk.js
billingsmortgageandinsurance.eligible.ai/static/js/ 		272 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billingsmortgageandinsurance.eligible.ai/static/js/761.bc60e25b.chunk.js
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80bbae656cc0af3d70d526f9e96bf985aff969a42d7574be0c3cdc56352f9198
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billingsmortgageandinsurance.eligible.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Encoding
gzip
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 06 Jan 2023 15:01:40 GMT
Server
nginx
Etag
W/"63b837d4-4412a"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/x-javascript
/
api.eligible.ai/api-v1/me/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eligible.ai/api-v1/me/
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
e4309bff872f979ba08925e4d41581be6e5aab8ae1e166f3e65dc4ff19ee4aed
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 12:31:26 GMT
Strict-Transport-Security
max-age=60; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Via
1.1 vegur
Server
gunicorn
Vary
Cookie, Origin
Allow
GET, HEAD, OPTIONS
Content-Type
application/json
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://billingsmortgageandinsurance.eligible.ai
Connection
keep-alive
Content-Length
3423
X-Xss-Protection
1; mode=block
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,400i,600,600i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://billingsmortgageandinsurance.eligible.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:38 GMT
x-content-type-options
nosniff
age
153288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:56:38 GMT
7Au-p_0qiz-afTf2LwLT.woff2
fonts.gstatic.com/s/muli/v28/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Au-p_0qiz-afTf2LwLT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,400i,600,600i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
542aa3a659dae23a91406e12842f7c1554e955238427f8374c6a1e17bfdb1940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://billingsmortgageandinsurance.eligible.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 23:04:35 GMT
x-content-type-options
nosniff
age
566811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32108
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 23:04:35 GMT
/
api.eligible.ai/api-v1/pageview/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eligible.ai/api-v1/pageview/
Requested by
Host: billingsmortgageandinsurance.eligible.ai
URL: https://billingsmortgageandinsurance.eligible.ai/static/js/main.ff933cad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 09 Jan 2023 12:31:26 GMT
Strict-Transport-Security
max-age=60; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Via
1.1 vegur
Server
gunicorn
Vary
Cookie, Origin
Allow
POST, OPTIONS
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://billingsmortgageandinsurance.eligible.ai
Connection
keep-alive
Content-Length
0
X-Xss-Protection
1; mode=block
/
api.eligible.ai/api-v1/pageview/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.eligible.ai/api-v1/pageview/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://billingsmortgageandinsurance.eligible.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://billingsmortgageandinsurance.eligible.ai
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 09 Jan 2023 12:31:26 GMT
Server
gunicorn
Vary
Origin
Via
1.1 vegur

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| Retain function| Beacon object| webpackChunkretain_frontend object| __SENTRY__ function| _ object| __localeData__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://app.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://api.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block