everestinsurance.safetyfirst.com Open in urlscan Pro
172.67.72.26  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response everestinsurance.safetyfirst.com/	16 KB 5 KB	868ms 499ms	Document text/html	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 511a503800b2329b7e294891d377b10a3faedfbb1070f68a3e6ebd868526c221 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 81418dc3f92b90dc-FRA content-encoding br content-type text/html date Tue, 10 Oct 2023 20:18:39 GMT last-modified Fri, 21 Mar 2014 18:05:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4znZUavvSS5KGzlgu0ivdQZwNnpCsermzqOmWr96YV0j8DscIclPwWhqdqvQ0u0ij9IK3ekzEBLfQ9aivg4ILg7hliPO8CgV8EeBHGGoVamdQl%2FoQj%2F1C8SaQvOvVDQl9V%2FmsqOyopeTxducA7Wi3TkR"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET
GET H2	200	SF%20logo3%20resized.jpg everestinsurance.safetyfirst.com/	13 KB 13 KB	787ms 716ms	Image image/jpeg	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://everestinsurance.safetyfirst.com/SF%20logo3%20resized.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 956ba4752fc6f8b7fc08a955a03b6139d92130853524e134bf160ede3d670ddc Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:40 GMT cf-cache-status MISS last-modified Wed, 19 May 2010 19:55:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0c98a2d8df7ca1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMehvTnxlfbPc6j1CrWMp8KAWCX4GaLGx05I%2F19p6Nyr3bnm%2Bx0S0SG54GUOSzOu9EZodfkv7QjzwCcRlpKmuhQ4YsmAPa9gu9OzbftFYEc1gr1IqGr6%2FjCy56ExFcRIeaUMyEPJrCAzfviL0UiaLU77"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81418dc90d0290dc-FRA content-length 13047
GET H2	200	traffic_jam.jpg www.gothamgazette.com/graphics/	105 KB 106 KB	917ms 561ms	Image image/jpeg	192.124.249.4 SUCURI-SEC
General Check archive.org Show headers Download Go to Show image Full URL https://www.gothamgazette.com/graphics/traffic_jam.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.4 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10004.sucuri.net Software nginx / Resource Hash 7f33bca22d544e6a032e74d47f61d15803bed7c33f4bef73008bdb842680d3f0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:41 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff content-security-policy upgrade-insecure-requests; x-sucuri-cache MISS content-length 107939 x-xss-protection 1; mode=block last-modified Wed, 08 Apr 2015 22:16:37 GMT server nginx etag "1a5a3-5133de277fb40" x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=315360000 x-sucuri-id 15004 accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Logo.jpg everestinsurance.safetyfirst.com/Everest%20Insurance_files/	27 KB 27 KB	868ms 807ms	Image image/jpeg	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://everestinsurance.safetyfirst.com/Everest%20Insurance_files/Logo.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f89211807077d5da3902b3cefd9585736dd1d161865a5b551718f92d284fe544 Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:40 GMT cf-cache-status MISS last-modified Tue, 19 Jul 2011 13:40:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "09db2781946cc1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsY4Ct4Lfr1TDHJ9GJHg9ZVRzUfZbq%2FL9x%2BCD%2BdZMuidokjuhRsXEQy8ZepZg4O6gUAPyiE%2F7njbcP%2FVGU3T%2BnCQc4jp6w4aPch0VIhuQ%2FyvZ8QWsZUQ4FfA2YWutC4MeNDX7ZalPacrPHKoD2R1Lqy4"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81418dc90d0690dc-FRA content-length 27674
GET H2	200	image002.jpg everestinsurance.safetyfirst.com/default_files/	4 KB 4 KB	717ms 657ms	Image image/jpeg	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://everestinsurance.safetyfirst.com/default_files/image002.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d39a7390f0f92445ef75281e5cfdaa2bdce204b03c7afb0d6d8518ecc3e9f989 Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:40 GMT cf-cache-status MISS last-modified Fri, 21 Mar 2014 18:05:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "e85990143045cf1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEJuOvB9xpQUdw%2BCdV%2FShRaAVquFDEbFswcZ2HJ3P36gYmFOUTRW67ACLwoBdEohTXgdWh2e5zHPIIEJNCcI%2Flix%2FQzHl4g%2Bwgk8Ehex4wmAUoIxbW363E2SONHSE4HbncR0zedahQMDwHc7QmjpykNC"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81418dc90d0790dc-FRA content-length 3886
GET H2	200	image004.jpg everestinsurance.safetyfirst.com/default_files/	3 KB 3 KB	669ms 619ms	Image image/jpeg	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://everestinsurance.safetyfirst.com/default_files/image004.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 1ae7924899a15c35c9f1dff25cb8ac4085ab805bd311c9032e0d8e9a7040b8d0 Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:40 GMT cf-cache-status MISS last-modified Fri, 21 Mar 2014 18:05:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "9c1e95143045cf1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmBmBCK3MUo01OM4fptlJIjcHVyiy3o%2FpqxzMdwTW5mznsPRlCiFJY4Rmm8c%2B%2BQn73oCCLudf%2FqbnPsp4mi36QIwLUkJtzchLNgJ%2Bv79TeyEKHcpJq6SnZ89A8TqSqnQr4YyZAqG8fvd%2Bn0C9dSbjCUo"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81418dc90d0990dc-FRA content-length 2830
GET H2	200	image006.jpg everestinsurance.safetyfirst.com/default_files/	780 B 1 KB	361ms 323ms	Image image/jpeg	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://everestinsurance.safetyfirst.com/default_files/image006.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f5c867cc94d64da8a4685488d5869f22bb84af4b050a923513dcb90f9004fdd0 Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:40 GMT cf-cache-status MISS last-modified Fri, 21 Mar 2014 18:05:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f68097143045cf1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gVqrIwYe8f5pLJqmMmqPKBlKmcWUkCD5YLwz%2BbNHReZZ9HUjdOlStOKqaLSsOAZBPCMIwEo4xpBlmcrcK9wGJhwGix7Q%2FUWdyjlJwAUbFR8zKWfOor4%2BLv0XcEpsa4efNjsqaXtD3P2zU%2B0VUAl8pSy"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81418dc90d0a90dc-FRA content-length 780
GET H2	200	image007.jpg everestinsurance.safetyfirst.com/default_files/	734 B 1 KB	660ms 622ms	Image image/jpeg	172.67.72.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://everestinsurance.safetyfirst.com/default_files/image007.jpg Requested by Host: everestinsurance.safetyfirst.com URL: https://everestinsurance.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash be97e1ea2bf9aedf0fc1c80672ee3ca06c2dbff07ab4c40596f55583d7e76d3d Request headers accept-language de-DE,de;q=0.9 Referer https://everestinsurance.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 20:18:40 GMT cf-cache-status MISS last-modified Fri, 21 Mar 2014 18:05:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f68097143045cf1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBCFvLDS9aCWIKxL3SerzN7RAFiRzhMnElYIy0zMr3qN2QlGT7gOGYkAagYOkiUd78rg%2FqO5skmMmZMXO%2Bx3ZJ%2B7i1psDdcru9jcW%2Fd96%2BG6vc1d%2ByGnOozmcO6Ub4p6Ll75z0BeFev%2F5i5h5phbTlE0"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81418dc90d0b90dc-FRA content-length 734

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://everestinsurance.safetyfirst.com/ Message: Mixed Content: The page at 'https://everestinsurance.safetyfirst.com/' was loaded over HTTPS, but requested an insecure element 'http://www.gothamgazette.com/graphics/traffic_jam.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://everestinsurance.safetyfirst.com/(Line 288) Message: Mixed Content: The page at 'https://everestinsurance.safetyfirst.com/' was loaded over HTTPS, but requested an insecure element 'http://www.gothamgazette.com/graphics/traffic_jam.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

everestinsurance.safetyfirst.com
www.gothamgazette.com
172.67.72.26
192.124.249.4
1ae7924899a15c35c9f1dff25cb8ac4085ab805bd311c9032e0d8e9a7040b8d0
511a503800b2329b7e294891d377b10a3faedfbb1070f68a3e6ebd868526c221
7f33bca22d544e6a032e74d47f61d15803bed7c33f4bef73008bdb842680d3f0
956ba4752fc6f8b7fc08a955a03b6139d92130853524e134bf160ede3d670ddc
be97e1ea2bf9aedf0fc1c80672ee3ca06c2dbff07ab4c40596f55583d7e76d3d
d39a7390f0f92445ef75281e5cfdaa2bdce204b03c7afb0d6d8518ecc3e9f989
f5c867cc94d64da8a4685488d5869f22bb84af4b050a923513dcb90f9004fdd0
f89211807077d5da3902b3cefd9585736dd1d161865a5b551718f92d284fe544