insurancetpa.files.com Open in urlscan Pro
34.204.153.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://insurancetpa.files.com/files/Everest
Submission: On September 28 via manual (September 28th 2023, 1:44:22 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 34.204.153.236, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is insurancetpa.files.com.
TLS certificate: Issued by R3 on September 8th 2023. Valid for: 3 months.

This is the only time insurancetpa.files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	34.204.153.236 34.204.153.236	14618 (AMAZON-AES) (AMAZON-AES)
2	52.216.218.160 52.216.218.160	16509 (AMAZON-02) (AMAZON-02)
16	3

13 34.204.153.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-153-236.compute-1.amazonaws.com

insurancetpa.files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.218.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	files.com insurancetpa.files.com	2 MB
2	amazonaws.com s3.amazonaws.com	19 KB
0	report-uri.io Failed actionverb.report-uri.io Failed
16	3

	Domain	Requested by
13	insurancetpa.files.com	insurancetpa.files.com
2	s3.amazonaws.com	insurancetpa.files.com
0	actionverb.report-uri.io Failed	insurancetpa.files.com
16	3

This site contains no links.

Subject Issuer	Validity	Valid
files.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://insurancetpa.files.com/files/Everest
Frame ID: 198A892B433C03A2D8A89E25594AAB47
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In · InsuranceTPA

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1888 kB
Transfer

7075 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Everest Show response
insurancetpa.files.com/files/ 1 KB
2 KB 437ms
90ms Document
text/html 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

c47b33fa62d3a640ff2b11ca4fe76dfbd4e184e3e8733c86aab06fdf5b79a610

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-mYkMixsoLQtjhnbF1OP0yLV98ZIxUkyB';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-mYkMixsoLQtjhnbF1OP0yLV98ZIxUkyB';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-type: text/html
date: Thu, 28 Sep 2023 13:44:16 GMT
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
referrer-policy: same-origin
server: files.com
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
x-download-options: noopen
x-files-frontend-app: true
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 246cd12ed5349bcab1b17deb00ce614c
x-xss-protection: 1; mode=block

GET
H2 200 styles.44f7ed00720d9b3e29f4.css
insurancetpa.files.com/ 540 KB
118 KB 183ms
182ms Stylesheet
text/css 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/styles.44f7ed00720d9b3e29f4.css

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

df74b8153e944bfe93f6559f48cea23b5eb3167709cf764692c804572be71d42

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-TNS8Ky50RbYnBZTncjx2vuNqB15ugxss';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:16 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-TNS8Ky50RbYnBZTncjx2vuNqB15ugxss';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1d1bc14bafe0c14ef9a384e65206d506, 1d1bc14bafe0c14ef9a384e65206d506
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
cache-control: max-age=2592000, public, max-age=2592000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
expires: Sat, 28 Oct 2023 13:44:16 GMT

GET
H2 200 tailwind.generated.css
insurancetpa.files.com/ 15 KB
5 KB 273ms
273ms Stylesheet
text/css 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/tailwind.generated.css

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

a7d01e5b50bab4bf60bd70b8bbf581f0fe9bb1162843c69a84b0fd51fc893d62

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-xeKgMDfWqfr9heyhENifHDIGKWldrv0u';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:16 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-xeKgMDfWqfr9heyhENifHDIGKWldrv0u';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 78893ad519b6cd09a859bf371232aee0, 78893ad519b6cd09a859bf371232aee0
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()

GET
H2 200 styles.8ea2152cb4e1a73c890b.js Show response
insurancetpa.files.com/ 10 KB
3 KB 274ms
273ms Script
application/x-javascript 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/styles.8ea2152cb4e1a73c890b.js

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

a0f155c2a97e83349c6e83314870d54d12fc7180dd47222fec7e759140b4460d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-xz2K0meWUDZ0fdmVGwk4pcr7v2cQI9da';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:16 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-xz2K0meWUDZ0fdmVGwk4pcr7v2cQI9da';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1b3087cbad667286fa4978f4f815bc69, 1b3087cbad667286fa4978f4f815bc69
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
cache-control: max-age=2592000, public, max-age=2592000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
expires: Sat, 28 Oct 2023 13:44:16 GMT

GET
H2 200 vendor.71bf0432a25f8b89b891.js Show response
insurancetpa.files.com/ 3 MB
788 KB 274ms
274ms Script
application/x-javascript 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

420244d2fd2fc6724a077c2b41f98c0e67be944933d840dcb5c96ddcd2e45a3c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-b9gKr1JzamHOiUsFfuk9WCX3gsiysrBr';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:16 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-b9gKr1JzamHOiUsFfuk9WCX3gsiysrBr';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0d72f215eb7c13a229115a17979d26d9, 0d72f215eb7c13a229115a17979d26d9
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
cache-control: max-age=2592000, public, max-age=2592000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
expires: Sat, 28 Oct 2023 13:44:16 GMT

GET
H2 200 main.61cb92fc27434685b231.js Show response
insurancetpa.files.com/ 3 MB
689 KB 275ms
275ms Script
application/x-javascript 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/main.61cb92fc27434685b231.js

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

04e1356776a9605eb610a6958e9a34d1541140d1ddb649a731a4b5df14c7ca8c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-VC20oE0ejYmRj3bttpCe5tfrGYpyxAqN';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:16 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-VC20oE0ejYmRj3bttpCe5tfrGYpyxAqN';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ae253eb83dc40551cbc3ddc9e68e198c, ae253eb83dc40551cbc3ddc9e68e198c
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
cache-control: max-age=2592000, public, max-age=2592000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
expires: Sat, 28 Oct 2023 13:44:16 GMT

POST enforce
actionverb.report-uri.io/r/default/csp/ 0
0

GET
H2 200 a45402c5568d8a2fbd1f.worker.js
insurancetpa.files.com/ 768 KB
254 KB 93ms
92ms Other
application/x-javascript 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/a45402c5568d8a2fbd1f.worker.js

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/files/Everest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

f323ce102b7ef62abf010363b844d60045679af12e0d602b032ead99e1dad27a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-oI3n2pgyf178jFyvFCPaZVc8YllNRnbL';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:17 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-oI3n2pgyf178jFyvFCPaZVc8YllNRnbL';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 81b44bf3e40da27ea9ed0b8d1084ea27, 81b44bf3e40da27ea9ed0b8d1084ea27
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()

GET
H2 200 settings Show response
insurancetpa.files.com/api/rest/v1/ 5 KB
2 KB 118ms
117ms Fetch
application/json 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurancetpa.files.com/api/rest/v1/settings
Requested by: Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-153-236.compute-1.amazonaws.com
Software: files.com /
Resource Hash: 2ee3c86b197d3636b536238ac1619a4734e27c785f3d1426134847a85dd24d5e

Request headers

Accept: application/json
Referer: https://insurancetpa.files.com/
X-Files-React-Version: production-158
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 13:44:17 GMT
content-encoding: gzip
server: files.com
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-request-id: aae5cc3476a2a5967f74f4b549f4e08f, aae5cc3476a2a5967f74f4b549f4e08f
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
insurancetpa.files.com/api/rest/v1/ 5 KB
2 KB 107ms
106ms Fetch
application/json 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurancetpa.files.com/api/rest/v1/settings
Requested by: Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-153-236.compute-1.amazonaws.com
Software: files.com /
Resource Hash: 2ee3c86b197d3636b536238ac1619a4734e27c785f3d1426134847a85dd24d5e

Request headers

Accept: application/json
Referer: https://insurancetpa.files.com/
X-Files-React-Version: production-158
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 13:44:17 GMT
content-encoding: gzip
server: files.com
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-request-id: f050c05f7743d7bdbf14ffb5f4d9ada2, f050c05f7743d7bdbf14ffb5f4d9ada2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 401 Everest Show response
insurancetpa.files.com/api/rest/v1/styles/ 231 B
518 B 99ms
99ms Fetch
application/json 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurancetpa.files.com/api/rest/v1/styles/Everest
Requested by: Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-153-236.compute-1.amazonaws.com
Software: files.com /
Resource Hash: b3b9ec3354ff509a83bff1608548d14d64b0f464472f9bb1e50771b034b606a8

Request headers

Accept: application/json
Referer: https://insurancetpa.files.com/
X-Files-React-Version: production-158
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 13:44:17 GMT
server: files.com
content-type: application/json
x-files-error-class: not-authenticated/authentication-required
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 231
x-request-id: 3a823c867be49e646ae6bf9c03d16911, 3a823c867be49e646ae6bf9c03d16911
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 10121.logo.d09ee29b-ec5a-48e3-a8f3-8edb73f9cb37.png
s3.amazonaws.com/objects.brickftp.com/0/ 9 KB
9 KB 341ms
144ms Image
application/octet-stream 52.216.218.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/objects.brickftp.com/0/10121.logo.d09ee29b-ec5a-48e3-a8f3-8edb73f9cb37.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIEWLY3MN4YGZQOWA%2F20230926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230926T021358Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&response-cache-control=max-age%3D604800%2C%20private&response-content-type=application%2Foctet-stream&X-Amz-Signature=06a48738a8b3ba82d137ff24551a3dd344e99a958023b7e215f2057e099ebe62
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.218.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fbb5a2fa9236c3f934117b02ecfeb48903641661849007951bd714035ff245c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 13:44:18 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Jul 2021 14:13:06 GMT
Server: AmazonS3
x-amz-request-id: KDH6W2GG7AP5NMRJ
ETag: "50e7f7fd86a473b810f94205a127d4e0"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Cache-Control: max-age=604800, private
Accept-Ranges: bytes
Content-Length: 9168
x-amz-id-2: B/bZy4DmPtY+fNsmkGaHBEKqtqxjq5KAsDZj+zLjw07Z7nCK68bdcUwaJsyvys7e9B4MVXN6VmU=

GET
H/1.1 200
OK 10121.logo.d09ee29b-ec5a-48e3-a8f3-8edb73f9cb37.png
s3.amazonaws.com/objects.brickftp.com/0/ 9 KB
9 KB 148ms
148ms Image
application/octet-stream 52.216.218.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/objects.brickftp.com/0/10121.logo.d09ee29b-ec5a-48e3-a8f3-8edb73f9cb37.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIEWLY3MN4YGZQOWA%2F20230926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230926T021358Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&response-cache-control=max-age%3D604800%2C%20private&response-content-type=application%2Foctet-stream&X-Amz-Signature=06a48738a8b3ba82d137ff24551a3dd344e99a958023b7e215f2057e099ebe62
Requested by: Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.218.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fbb5a2fa9236c3f934117b02ecfeb48903641661849007951bd714035ff245c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 13:44:19 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Jul 2021 14:13:06 GMT
Server: AmazonS3
x-amz-request-id: S5WSJST3XBKT9Z4Q
ETag: "50e7f7fd86a473b810f94205a127d4e0"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Cache-Control: max-age=604800, private
Accept-Ranges: bytes
Content-Length: 9168
x-amz-id-2: slQAhpGFH55WoRrmfPteDxnhNz25t57bVcIOyguu/S0CG+dlY2QMxK53oe+10ffB9ohDUuUWvJM=

GET
H2 401 Everest Show response
insurancetpa.files.com/api/rest/v1/styles/ 231 B
518 B 98ms
98ms Fetch
application/json 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurancetpa.files.com/api/rest/v1/styles/Everest
Requested by: Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-153-236.compute-1.amazonaws.com
Software: files.com /
Resource Hash: c247f3b739f49f856d2c64fd93463f79badcb1bf9e61c39fa4932b1b772d44d6

Request headers

Accept: application/json
Referer: https://insurancetpa.files.com/
X-Files-React-Version: production-158
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 13:44:18 GMT
server: files.com
content-type: application/json
x-files-error-class: not-authenticated/authentication-required
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 231
x-request-id: 99fb9f2c98878f5a6bde917b9f9c95a2, 99fb9f2c98878f5a6bde917b9f9c95a2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LoginPage.98c343c86246542ea941.js Show response
insurancetpa.files.com/ 7 KB
5 KB 91ms
90ms Script
application/x-javascript 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://insurancetpa.files.com/LoginPage.98c343c86246542ea941.js

Requested by

Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/main.61cb92fc27434685b231.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-153-236.compute-1.amazonaws.com

Software

files.com /

Resource Hash

e15da64bbd8c4962ae1af0118acbbf90f2167069142f3c66e55d664f7cb6af82

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-gNQ1Prozrcha4DJQ1JZP56dXaL8ifEgW';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurancetpa.files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:44:18 GMT
strict-transport-security: max-age=631139040; includeSubdomains; preload;
x-content-type-options: nosniff
content-security-policy: base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' *.files.com *.s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' *.amazonaws.com *.wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-gNQ1Prozrcha4DJQ1JZP56dXaL8ifEgW';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d53967511e5fa3a7fdbb5367bc464de8, d53967511e5fa3a7fdbb5367bc464de8
x-files-frontend-app: true
referrer-policy: same-origin
server: files.com
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
expect-ct: enforce, max-age=60, report-uri="https://actionverb.report-uri.com/r/d/ct/enforce"
cache-control: max-age=2592000, public, max-age=2592000
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
expires: Sat, 28 Oct 2023 13:44:18 GMT

GET
H2 200 public_inboxes Show response
insurancetpa.files.com/api/rest/v1/ 2 B
238 B 101ms
101ms Fetch
application/json 34.204.153.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://insurancetpa.files.com/api/rest/v1/public_inboxes
Requested by: Host: insurancetpa.files.com
URL: https://insurancetpa.files.com/vendor.71bf0432a25f8b89b891.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.204.153.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-153-236.compute-1.amazonaws.com
Software: files.com /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json
Referer: https://insurancetpa.files.com/
X-Files-React-Version: production-158
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 13:44:18 GMT
server: files.com
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 2
x-request-id: ac8fb320289dc557a62a68a266618a77, ac8fb320289dc557a62a68a266618a77
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: actionverb.report-uri.io
URL: https://actionverb.report-uri.io/r/default/csp/enforce

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://actionverb.report-uri.com/r/default/csp/enforce Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://insurancetpa.files.com/api/rest/v1/styles/Everest Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://insurancetpa.files.com/api/rest/v1/styles/Everest Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';block-all-mixed-content ;child-src brickftp.com go.oncehub.com 'self';connect-src 'self' .files.com .s3.amazonaws.com s3.amazonaws.com s3-af-south-1.amazonaws.com s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com s3-ap-northeast-3.amazonaws.com s3-ap-south-1.amazonaws.com s3-ap-southeast-1.amazonaws.com s3-ap-southeast-2.amazonaws.com s3-ca-central-1.amazonaws.com s3-eu-central-1.amazonaws.com s3-eu-north-1.amazonaws.com s3-eu-south-1.amazonaws.com s3-eu-west-1.amazonaws.com s3-eu-west-2.amazonaws.com s3-eu-west-3.amazonaws.com s3-me-south-1.amazonaws.com s3-sa-east-1.amazonaws.com s3-us-east-1.amazonaws.com s3-us-east-2.amazonaws.com s3-us-gov-east-1.amazonaws.com s3-us-gov-west-1.amazonaws.com s3-us-west-1.amazonaws.com s3-us-west-2.amazonaws.com staging-wopi.files.com wopi.files.com;font-src 'self' data:;form-action 'self';frame-src 'self' go.oncehub.com staging-wopi.files.com wopi.files.com jssdk.files.com;img-src 'self' data: blob: https:;media-src 'self' .amazonaws.com .wasabisys.com *.files.com;object-src 'self';script-src 'self' 'nonce-mYkMixsoLQtjhnbF1OP0yLV98ZIxUkyB';style-src 'self' 'unsafe-inline';upgrade-insecure-requests ;worker-src 'self';report-uri https://actionverb.report-uri.io/r/default/csp/enforce
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actionverb.report-uri.io
insurancetpa.files.com
s3.amazonaws.com
actionverb.report-uri.io
34.204.153.236
52.216.218.160
04e1356776a9605eb610a6958e9a34d1541140d1ddb649a731a4b5df14c7ca8c
2ee3c86b197d3636b536238ac1619a4734e27c785f3d1426134847a85dd24d5e
420244d2fd2fc6724a077c2b41f98c0e67be944933d840dcb5c96ddcd2e45a3c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
a0f155c2a97e83349c6e83314870d54d12fc7180dd47222fec7e759140b4460d
a7d01e5b50bab4bf60bd70b8bbf581f0fe9bb1162843c69a84b0fd51fc893d62
b3b9ec3354ff509a83bff1608548d14d64b0f464472f9bb1e50771b034b606a8
c247f3b739f49f856d2c64fd93463f79badcb1bf9e61c39fa4932b1b772d44d6
c47b33fa62d3a640ff2b11ca4fe76dfbd4e184e3e8733c86aab06fdf5b79a610
df74b8153e944bfe93f6559f48cea23b5eb3167709cf764692c804572be71d42
e15da64bbd8c4962ae1af0118acbbf90f2167069142f3c66e55d664f7cb6af82
f323ce102b7ef62abf010363b844d60045679af12e0d602b032ead99e1dad27a
fbb5a2fa9236c3f934117b02ecfeb48903641661849007951bd714035ff245c2

insurancetpa.files.com Open in urlscan Pro 34.204.153.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1888 kBTransfer

7075 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

insurancetpa.files.com Open in urlscan Pro
34.204.153.236 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1888 kB
Transfer

7075 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions