urlscan.io logo urlscan.io
SecurityTrails logo

fileaclaim.safeco.com Open in urlscan Pro
2a02:26f0:6c00:2a0::11f3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apiservices.krxd.net/click_tracker/track?kxconfid=ty6qelovo&kxadvertiserid=10990433&kxcampaignid=PROD_Safeco_CAT_Suit...
Effective URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Submission: On March 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 37 HTTP transactions. The main IP is 2a02:26f0:6c00:2a0::11f3, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is fileaclaim.safeco.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 13th 2022. Valid for: 7 months.
This is the only time fileaclaim.safeco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.194.133 54113 (FASTLY)
11 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.197.253.20 16509 (AMAZON-02)
1 143.204.98.89 16509 (AMAZON-02)
3 104.17.208.240 13335 (CLOUDFLAR...)
5 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 3.213.41.181 14618 (AMAZON-AES)
4 34.195.67.18 14618 (AMAZON-AES)
3 34.250.97.19 16509 (AMAZON-02)
37 10
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
apiservices.krxd.net
11    2a02:26f0:6c00:2a0::11f3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
fileaclaim.safeco.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    143.204.98.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-89.fra50.r.cloudfront.net
cdn.heapanalytics.com
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com
siteintercept.qualtrics.com
5    2a02:26f0:7100:2b9::2db0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdnssl.clicktale.net
2    3.213.41.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-41-181.compute-1.amazonaws.com
heapanalytics.com
4    34.195.67.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-67-18.compute-1.amazonaws.com
ing-district.clicktale.net
3    34.250.97.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
c.clicktale.net
Apex Domain
Subdomains		 Transfer
12 clicktale.net
cdnssl.clicktale.net — Cisco Umbrella Rank: 4893
ing-district.clicktale.net — Cisco Umbrella Rank: 8825
c.clicktale.net — Cisco Umbrella Rank: 4150
139 KB
11 safeco.com
fileaclaim.safeco.com
917 KB
4 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2591
19 KB
3 qualtrics.com
znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com — Cisco Umbrella Rank: 97138
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1023
24 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 2997
heapanalytics.com — Cisco Umbrella Rank: 2623
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 krxd.net
apiservices.krxd.net — Cisco Umbrella Rank: 16286
258 B
37 7
Domain Requested by
11 fileaclaim.safeco.com fileaclaim.safeco.com
5 cdnssl.clicktale.net nexus.ensighten.com
cdnssl.clicktale.net
4 ing-district.clicktale.net cdnssl.clicktale.net
4 nexus.ensighten.com fileaclaim.safeco.com
nexus.ensighten.com
3 c.clicktale.net fileaclaim.safeco.com
2 siteintercept.qualtrics.com znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2 heapanalytics.com fileaclaim.safeco.com
1 znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com nexus.ensighten.com
1 cdn.heapanalytics.com nexus.ensighten.com
1 fonts.googleapis.com fileaclaim.safeco.com
1 apiservices.krxd.net 1 redirects
37 11

This site contains links to these domains. Also see Links.

Domain
www.libertymutualgroup.com
Subject Issuer Validity Valid
search.libertymutual.com
Entrust Certification Authority - L1K		 2022-01-13 -
2022-08-18		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-24 -
2022-09-24		 a year crt.sh
*.clicktale.net
DigiCert SHA2 Secure Server CA		 2021-10-18 -
2022-10-18		 a year crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
c.clicktale.net
Amazon		 2021-09-14 -
2022-10-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Frame ID: 5B625A895DDCB07BDDCAFFE836FD45BD
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Should I File a Claim? - Liberty MutualSafeco Insurance logoCaret Down

Page URL History Show full URLs

  1. https://apiservices.krxd.net/click_tracker/track?kxconfid=ty6qelovo&kxadvertiserid=10990433&kxcampaignid=... HTTP 302
    https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

37
Requests

92 %
HTTPS

30 %
IPv6

7
Domains

11
Subdomains

10
IPs

4
Countries

1147 kB
Transfer

4504 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apiservices.krxd.net/click_tracker/track?kxconfid=ty6qelovo&kxadvertiserid=10990433&kxcampaignid=PROD_Safeco_CAT_Suite_AUT_CM2370&clk=https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma HTTP 302
    https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fileaclaim.safeco.com/
Redirect Chain
  • https://apiservices.krxd.net/click_tracker/track?kxconfid=ty6qelovo&kxadvertiserid=10990433&kxcampaignid=PROD_Safeco_CAT_Suite_AUT_CM2370&clk=https://fileaclaim.safeco.com/?user=first-party?src=cm-...
  • https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
a017feb8f9ef6ecf516df7aaab46ce45a12ec1541ba8a67d3e0f0a801bea0256
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Server
nginx/1.19.10
X-Powered-By
Express
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
ETag
W/"34d-17f50e6f278"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15724800; includeSubDomains
X-Akamai-Transformed
9 845 0 pmb=mTOE,2
Content-Encoding
gzip
Date
Mon, 14 Mar 2022 22:03:37 GMT
Content-Length
694
Connection
keep-alive

Redirect headers

location
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
age
0
via
1.1 varnish (Varnish/5.2), 1.1 varnish
accept-ranges
bytes
date
Mon, 14 Mar 2022 22:03:35 GMT
x-served-by
click-tracker-a007-ash-prod.krxd.net, cache-hhn4036-HHN
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1647295416.623478,VS0,VE90
content-length
0
vendor-c452fb5253e42ab3f6e733261b95124d.css
fileaclaim.safeco.com/ 		100 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/vendor-c452fb5253e42ab3f6e733261b95124d.css?5096dabaf77ff3ea321d
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
505e231457c4cb1f16a3dfb3e016b82313342416e3cb373f35c48ffd3432c234
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
ETag
W/"18ebc-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12808
main-98e7ef3c7a979c2bb1470db1bad0b895.css
fileaclaim.safeco.com/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
4a184b2808037cae5ef84c3a4469ec758747c7a0d147f6e0fe74280f7b02039b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
ETag
W/"489d-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3979
409f1744
fileaclaim.safeco.com/akam/11/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/akam/11/409f1744
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ee5e63f523769cb59359625b3ebab3c54eb942503e98ccda5a92d1f69ed223f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 22:03:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 May 2019 20:06:44 GMT
ETag
"3640adf629b6473d077aab2dc11428ce2c86386287f451d78ef50d34eaf09b90"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
10468
Expires
Mon, 14 Mar 2022 22:03:37 GMT
vendor-382e2962aa1a69bdb3e1.js
fileaclaim.safeco.com/ 		3 MB
807 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/vendor-382e2962aa1a69bdb3e1.js?5096dabaf77ff3ea321d
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
1d3241ce3e97c898e400e4125c24321e8bf1db3febabb537481e47aa54807b37
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
ETag
W/"32bd43-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
826322
main-9b519274077298c27ab2.js
fileaclaim.safeco.com/ 		71 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/main-9b519274077298c27ab2.js?5096dabaf77ff3ea321d
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
4713f10723f608b1a36eac56f78fb32e6b310815d68be650049b479a3a5a2643
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
ETag
W/"11adf-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14164
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i&display=swap
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/vendor-c452fb5253e42ab3f6e733261b95124d.css?5096dabaf77ff3ea321d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e615e72f26a8f2192b7410cc2fdebd9c0872d7ba81986c085d3dcb8563fe3c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 21:28:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 22:03:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 22:03:37 GMT
Bootstrap.js
nexus.ensighten.com/libertymutual/claims-prod/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/libertymutual/claims-prod/Bootstrap.js
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/main-9b519274077298c27ab2.js?5096dabaf77ff3ea321d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7d732c67d46427a96ea50520d187faa627d9b7f07b7628d5bcf433fd59257d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
content-encoding
gzip
last-modified
Mon, 03 May 2021 15:17:48 GMT
server
nginx
etag
W/"6090141c-db5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
info
fileaclaim.safeco.com/log/ 		13 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/log/info
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/main-9b519274077298c27ab2.js?5096dabaf77ff3ea321d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
a58aab6ea5178b9ea82e9b99af805c7462de27b7bd5b5d01da9788ce29c3eb91
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
ETag
W/"d-vSvrV0LF/5Gf3otFRBz8I4uqCnE"
Server
nginx/1.19.10
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Content-Length
13
b3be96cbbfd0ff1f3ba3c7c2f58c1441.woff
fileaclaim.safeco.com/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/b3be96cbbfd0ff1f3ba3c7c2f58c1441.woff
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
ETag
W/"51bc-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Content-Type
application/font-woff
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20924
f0fc91f2311b5251806eefac5bd03fa1.woff
fileaclaim.safeco.com/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/f0fc91f2311b5251806eefac5bd03fa1.woff
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
ETag
W/"51a8-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Content-Type
application/font-woff
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20904
388938f6332e5e07466341f141effc6c.woff
fileaclaim.safeco.com/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/388938f6332e5e07466341f141effc6c.woff
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.19.10 / Express
Resource Hash
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fileaclaim.safeco.com/main-98e7ef3c7a979c2bb1470db1bad0b895.css?5096dabaf77ff3ea321d
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
ETag
W/"5348-17f50e6f278"
Last-Modified
Thu, 03 Mar 2022 17:49:47 GMT
Server
nginx/1.19.10
X-Powered-By
Express
Content-Type
application/font-woff
Cache-Control
public, max-age=0
Date
Mon, 14 Mar 2022 22:03:37 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21320
serverComponent.php
nexus.ensighten.com/libertymutual/claims-prod/ 		409 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/libertymutual/claims-prod/serverComponent.php?r=70.69148347868735&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/libertymutual/claims-prod/code/&publishedOn=Mon%20May%2003%2015:17:47%20GMT%202021&ClientID=976&PageID=https%3A%2F%2Ffileaclaim.safeco.com%2F%3Fuser%3Dfirst-party%3Fsrc%3Dcm-deml-mah-esv2102103323-rtn-mma
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/claims-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7c8e2906880bb18be04f18e3f126b97386394e1961afe08912863d9017810c31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
409
expires
Mon, 14 Mar 2022 22:03:36 GMT
bbfc6e4b202549118fec5ba1dd6465e2.js
nexus.ensighten.com/libertymutual/claims-prod/code/ 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/libertymutual/claims-prod/code/bbfc6e4b202549118fec5ba1dd6465e2.js?conditionId0=422833
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/claims-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a9e649342051c3e39fa77e4915202c3272bf19613d6a551127f69cf65e984afb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 17:05:47 GMT
server
nginx
etag
W/"605236eb-4f6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
85b1de977afcf9dbc1a956750a8cf80a.js
nexus.ensighten.com/libertymutual/claims-prod/code/ 		1 KB
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/libertymutual/claims-prod/code/85b1de977afcf9dbc1a956750a8cf80a.js?conditionId0=2846527
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/claims-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6e34de0f8e23bc3654c7b744cf18114ba0ed8df34964ce7497e0a4b9727a3d3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 17:05:47 GMT
server
nginx
etag
W/"605236eb-46b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
heap-2504968760.js
cdn.heapanalytics.com/js/ 		122 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-2504968760.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/claims-prod/code/85b1de977afcf9dbc1a956750a8cf80a.js?conditionId0=2846527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-89.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5a5d7f35299f992a9e3a757de076a2ff0ba2f006a09e4f6b3cd97cce56274457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:02:23 GMT
content-encoding
gzip
server
nginx
age
74
etag
W/"1e7e5-BiRPt8V5Ux8mHD59XJUY0g"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
prs1NokV4w9GXNNO5mBCooQW3gQsjzBbSrYU5GV0Frl6P-NduKoFVQ==
/
znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_agyJhFxNlbwPtuB&Q_LOC=https%3A%2F%2Ffileaclaim.safeco.com%2F%3Fuser%3Dfirst-party%3Fsrc%3Dcm-deml-mah-esv2102103323-rtn-mma&t=1647295417483
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/claims-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59434f44d8361baab290b95ed328d2c306af0f2c75f603783e97578245f7762e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
271805
cf-polished
origSize=8435
cf-ray
6ec04ce77c5d997a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
6
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-b/RG5ojeb7DRqR5PI/TY9Zp4Qzs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
5ea45678-c130-4ac4-9249-631dd44169f0.js
cdnssl.clicktale.net/www03/ptc/ 		330 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnssl.clicktale.net/www03/ptc/5ea45678-c130-4ac4-9249-631dd44169f0.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/claims-prod/code/bbfc6e4b202549118fec5ba1dd6465e2.js?conditionId0=422833
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b9::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef1cf07f281a4d810cd49d67c1380c35ac47073c010dc4a1f5a1ed6907a9c29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
UL0UuPn8.0z4tMsbxHOEUN.8CM_GdHGw
content-encoding
br
last-modified
Mon, 14 Mar 2022 13:34:57 GMT
server
AmazonS3
x-amz-request-id
ME313KBRKGJNPK0J
etag
"3ad6a9858d34e9b2ebc66ba7df343232"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
date
Mon, 14 Mar 2022 22:03:37 GMT
accept-ranges
bytes
content-length
56339
x-amz-id-2
aGgTkoA4wrPxch020Asw7K/Fo10p7eIt0Ivnh9jCosnZigWeXuwtsnZMw3xtGveSsZ3Ymnr7XNA=
expires
Mon, 14 Mar 2022 22:13:37 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
5ea45678-c130-4ac4-9249-631dd44169f0.js
cdnssl.clicktale.net/ptc/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnssl.clicktale.net/ptc/5ea45678-c130-4ac4-9249-631dd44169f0.js
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www03/ptc/5ea45678-c130-4ac4-9249-631dd44169f0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b9::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
473d3364285b49cfeac6f9304f3fb6ba032780fe67411c6e8a9626b8122f0bc0

Request headers

Referer
https://fileaclaim.safeco.com/
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
v4eT1NbzuZAzEjdVbu3ian0RJR0EOeQ6
content-encoding
br
last-modified
Mon, 02 Aug 2021 23:57:00 GMT
server
AmazonS3
x-amz-request-id
Z361CWMK0RV5Y9AF
etag
"7a7a23d594d8faa608667d58f0d800f6"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
date
Mon, 14 Mar 2022 22:03:37 GMT
accept-ranges
bytes
content-length
8475
x-amz-id-2
QW60ZIKl6uzezFKDhPtMT9f4bp0f7rH/EU8DynNxEuyRh0wj3XQqrqLGPRP1y5jShKMJuvWqEmg=
expires
Mon, 14 Mar 2022 22:13:37 GMT
72d908f2-b984-44dc-b1fe-dc4a0e2e7d74
https://fileaclaim.safeco.com/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fileaclaim.safeco.com/72d908f2-b984-44dc-b1fe-dc4a0e2e7d74
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b431277c07496a54bd0224b23428ed890e7323037ab3c5460fb051b4f65e78e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
6483
Content-Type
application/javascript
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=2504968760&u=129667122188475&v=982950498953050&s=2357514438762016&b=web&tv=4.0&z=0&h=%2F&q=%3Fuser%3Dfirst-party%3Fsrc%3Dcm-deml-mah-esv2102103323-rtn-mma&d=fileaclaim.safeco.com&t=Should%20I%20File%20a%20Claim%3F%20-%20Liberty%20Mutual&ts=1647295417620&st=1647295417621
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.41.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-41-181.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 22:03:37 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
11.94e7d7f0c6a48ca94c06.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.94e7d7f0c6a48ca94c06.chunk.js?Q_CLIENTVERSION=1.67.0&Q_CLIENTTYPE=web&Q_BRANDID=fileaclaim.safeco.com
Requested by
Host: znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com
URL: https://znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_agyJhFxNlbwPtuB&Q_LOC=https%3A%2F%2Ffileaclaim.safeco.com%2F%3Fuser%3Dfirst-party%3Fsrc%3Dcm-deml-mah-esv2102103323-rtn-mma&t=1647295417483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b68b2028650713ad3c8abe478332a00ae022c9c14f194070a62995a7017b7237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
450028
cf-polished
origSize=60694
cf-ray
6ec04ce82d25997a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
15
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 28 Feb 2022 23:48:37 GMT
server
cloudflare
etag
W/"ed16-17f42bc6408"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
5ea45678-c130-4ac4-9249-631dd44169f0.js
cdnssl.clicktale.net/pcc/ 		116 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnssl.clicktale.net/pcc/5ea45678-c130-4ac4-9249-631dd44169f0.js?DeploymentConfigName=Release_20210802&Version=1
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/5ea45678-c130-4ac4-9249-631dd44169f0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b9::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6aa42f7a6adcb0b9f7a5bf16d8d5cbdb7c771def28413544d3423dc582dd2f91

Request headers

Referer
https://fileaclaim.safeco.com/
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
tht62lSfrB1cOZSQrMmgnx9OpaoqvFL.
content-encoding
br
last-modified
Mon, 02 Aug 2021 23:57:00 GMT
server
AmazonS3
x-amz-request-id
8TQD3BHX0CT6QNX6
etag
"7c70bfd4106074804a6dfdab6b6eb9bb"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Mon, 14 Mar 2022 22:03:37 GMT
accept-ranges
bytes
content-length
25342
x-amz-id-2
etyuIKFYFLoqChEFwtj8n59AFFckFrxRHHzsdIX8/vfEziWMQLu2t72O/IQSuIliOu2CgOiae7w=
expires
Tue, 14 Mar 2023 22:03:37 GMT
latest-WR110.js
cdnssl.clicktale.net/www/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnssl.clicktale.net/www/latest-WR110.js
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/5ea45678-c130-4ac4-9249-631dd44169f0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b9::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef407a53748bd41172cd96a7c2ff92bf591efcc8efa37943c8f65c1845369c4a

Request headers

Referer
https://fileaclaim.safeco.com/
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
QuqkN8nII8FWKvUGOtJ8zq0fnr0jC6tD
content-encoding
br
last-modified
Wed, 17 Nov 2021 13:26:17 GMT
server
AmazonS3
x-amz-request-id
FP632T13X76DXZRY
etag
"b6871fe481a03fe28ed1b21d4f4a5c78"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
date
Mon, 14 Mar 2022 22:03:37 GMT
accept-ranges
bytes
content-length
16661
x-amz-id-2
BArnqyUQH3owAFOCL3D37Jm9yTC4xBG7iq/VjlcV9gaTUDAGyfONWKnIpfqTEFg/fkHYCnAjv8A=
expires
Tue, 15 Mar 2022 22:03:37 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		17 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_agyJhFxNlbwPtuB&Q_CLIENTVERSION=1.67.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.94e7d7f0c6a48ca94c06.chunk.js?Q_CLIENTVERSION=1.67.0&Q_CLIENTTYPE=web&Q_BRANDID=fileaclaim.safeco.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b98927dc0020154dcc7254df9796fdb7237e63e327f02854354d830e4049d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fileaclaim.safeco.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Mar 2022 22:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://fileaclaim.safeco.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
11daec8bf756b3be
cf-ray
6ec04ce86d81997a-FRA
/
ing-district.clicktale.net/ctn_v2/auth/ 		240 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-district.clicktale.net/ctn_v2/auth/?pid=16663&1610100562&subsid=232956&msgsize=120
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.67.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-67-18.compute-1.amazonaws.com
Software
/
Resource Hash
f7d45a078fa6c0185b2460c457821858e173000ca2f78a1a8d6a63a1026fa2e9

Request headers

Referer
https://fileaclaim.safeco.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fileaclaim.safeco.com
date
Mon, 14 Mar 2022 22:03:38 GMT
access-control-allow-credentials
true
content-length
240
content-type
application/json; charset=UTF-8
pageview
c.clicktale.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clicktale.net/pageview?pid=2432&uu=3dcd8a1f-4864-ad86-96f8-4f52ae9dadac&sn=1&lv=1647295417&lhd=1647295417&hd=1647295417&pn=1&re=1&dw=1600&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Ffileaclaim.safeco.com%2F%3Fuser%3Dfirst-party%3Fsrc%3Dcm-deml-mah-esv2102103323-rtn-mma&uc=1&la=en-US&v=11.11.0&r=291609
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.97.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 22:03:37 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
pageEvent
c.clicktale.net/ 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clicktale.net/pageEvent?value=MIewdgZglg5gXAAgEoFMA2KCGBnFB9AJgAYCBGIgDhKAAA%3D%3D&isETR=false&isCustomHashId=false&v=11.11.0&pid=2432&uu=3dcd8a1f-4864-ad86-96f8-4f52ae9dadac&sn=1&pn=1&r=553872
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.97.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 22:03:37 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
pixel_409f1744
fileaclaim.safeco.com/akam/11/ 		0
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fileaclaim.safeco.com/akam/11/pixel_409f1744
Requested by
Host: fileaclaim.safeco.com
URL: https://fileaclaim.safeco.com/akam/11/409f1744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::11f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fileaclaim.safeco.com/?user=first-party?src=cm-deml-mah-esv2102103323-rtn-mma
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Mar 2022 22:03:38 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
dvar
c.clicktale.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clicktale.net/dvar?v=11.11.0&pid=2432&uu=3dcd8a1f-4864-ad86-96f8-4f52ae9dadac&sn=1&pn=1&dv=N4Igggcg%2BgEgomAClMAHVACAkgERALhACYBWABgBYBOANgA4B2GskAGnGniSgFUBnAKYAnbHkIBGIrRoNJRcXToUGJEAF8gA&r=303565
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.97.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 22:03:38 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
WR1115b.js
cdnssl.clicktale.net/www/ 		114 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnssl.clicktale.net/www/WR1115b.js
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b9::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6951be7543f9d65cb394488af37723029e1c674fd3d424ebfd4dc5a2530da300

Request headers

Referer
https://fileaclaim.safeco.com/
Origin
https://fileaclaim.safeco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
okS79Xp42XRDUhC6tcBuMo5TQ6qwfrYp
content-encoding
br
last-modified
Wed, 17 Nov 2021 13:26:17 GMT
server
AmazonS3
x-amz-request-id
YCP5M27GPGCT1TTJ
etag
"f892d3a72d95388bc842163d1fa84645"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Mon, 14 Mar 2022 22:03:38 GMT
accept-ranges
bytes
content-length
32267
x-amz-id-2
lGYheqUnosAXe9SXTeAojvy/+EPCVQp1n2WGtA3eQkTpR5I/qq/vyYVUyOXvpsPiM6D3rwtWu20=
expires
Tue, 14 Mar 2023 22:03:38 GMT
/
ing-district.clicktale.net/ctn_v2/wr/ 		1 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-district.clicktale.net/ctn_v2/wr/?3722854701337700&16663&11&0&0&0&264&subsid=232956&msgsize=120
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.67.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-67-18.compute-1.amazonaws.com
Software
/
Resource Hash
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
https://fileaclaim.safeco.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 22:03:41 GMT
content-length
1
content-type
text/plain; charset=UTF-8
add_user_properties_v3
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=2504968760&u=129667122188475&v=982950498953050&s=2357514438762016&b=web&tv=4.0&_Contentsquare%20Replay=https%3A%2F%2Fapp.contentsquare.com%2Fquick-playback%2Findex.html%3Fpid%3D2432%26uu%3D3dcd8a1f-4864-ad86-96f8-4f52ae9dadac%26sn%3D1%26pvid%3D1%26vd%3Dhe&st=1647295418582
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.41.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-41-181.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 22:03:38 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
dc812402-cf32-4aff-afc6-ac0300616782
https://fileaclaim.safeco.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fileaclaim.safeco.com/dc812402-cf32-4aff-afc6-ac0300616782
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
6ffacdea-c573-44c3-98c8-d350924857db
https://fileaclaim.safeco.com/ 		35 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fileaclaim.safeco.com/6ffacdea-c573-44c3-98c8-d350924857db
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
36316
/
ing-district.clicktale.net/ctn_v2/wr/ 		1 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-district.clicktale.net/ctn_v2/wr/?3722854701337700&16663&11&1&0&1&264&subsid=232956&msgsize=120
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.67.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-67-18.compute-1.amazonaws.com
Software
/
Resource Hash
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
https://fileaclaim.safeco.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 22:03:41 GMT
content-length
1
content-type
text/plain; charset=UTF-8
/
ing-district.clicktale.net/ctn_v2/wr/ 		1 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-district.clicktale.net/ctn_v2/wr/?3722854701337700&16663&11&2&1&0&105&subsid=232956&msgsize=120
Requested by
Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.67.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-67-18.compute-1.amazonaws.com
Software
/
Resource Hash
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fileaclaim.safeco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 22:03:41 GMT
content-length
1
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored string| bazadebezolkohpepadr object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ensBootstraps object| Bootstrapper object| heap function| ClickTaleCreateDOMElement number| WRInitTime string| urhehlevkedkilrobacf object| CS_CONF object| CS_INTEGRATIONS_CONF object| _uxa object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csEventtarget object| CSPathComputation object| UXAnalytics object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.67.0 function| ClickTaleOnRecording boolean| isHttps undefined| scriptSource undefined| pccSource string| pccSrc object| pccScriptElement object| ctVEconfig object| ClickTaleGlobal object| ClickTaleSettings object| ClickTaleOnReadyList boolean| ClickTaleIsXHTMLCompliant function| ClickTaleAppendInHead function| ClickTaleXHTMLCompliantScriptTagCreate boolean| ClickTaleIncludedOnDOMReady string| ClickTaleScriptSource undefined| ClickTalePrevOnReady function| ClickTaleOnReady object| ctRules_PrePCC object| ctCustomCode_PrePCC object| ct number| WRFc number| WRFa object| _ct_commands number| WRFb object| WRFm number| ClickTaleUnloadPause number| ClickTaleEventsMask string| ClickTaleIgnoreCookieName string| ClickTaleUIDCookieName function| ClickTaleLog function| ClickTale string| ClickTaleCookieDomain function| ClickTaleUploadPage function| ClickTaleDelayUploadPage function| ClickTaleIsUploadPage function| ClickTaleSetAllSensitive function| ClickTaleResetAllSensitive function| ClickTaleSetSomeSensitive function| ClickTaleResetSomeSensitive function| ClickTaleIgnore function| ClickTaleRegisterFormSubmitFailure function| ClickTaleGetVersion function| ClickTaleSetCustomElementID function| ClickTaleRegisterFormSubmitSuccess function| ClickTaleExec function| ClickTaleField function| ClickTaleNote function| ClickTaleChangeMonitorExec function| ClickTaleTag function| ClickTaleEvent function| ClickTaleGetPID function| ClickTaleSetUID function| ClickTaleGetUID function| ClickTaleGetSID function| ClickTaleUnsubscribe function| ClickTaleSubscribe function| ClickTaleLogical function| ClickTaleDetectAgent function| ClickTaleIsPlayback number| ClickTaleCookieExpiryDays function| ClickTaleIsSavedRecording function| ClickTaleIsRecording function| ClickTaleSendJsonMessage function| ClickTaleDispatchPersistedMessages function| ClickTaleUploadPageNow function| ClickTaleAddAugmentElementPathHandler function| ClickTaleGetAuthResponse function| ClickTaleGetSubscriberId function| ClickTaleGetPartition function| ClickTaleGetWRIgnoreExpiry object| ClickTaleOnStop undefined| ttMETA object| _qsie function| clickTaleStartEventSignal function| clickTaleEndEventSignal boolean| ClickTaleFirstPCCGo function| WRAA function| ClickTaleStop function| ClickTaleTerm function| ClickTaleGetClientIp function| ClickTaleEventTrigger function| ClickTaleRegisterFormSubmit function| ClickTaleRegisterFormSubmitSent function| ClickTaleRegisterFormSubmitNotSent function| ClickTaleRebindEvents function| ClickTaleLogicalForm function| ClickTaleRegisterTouchAction function| ClickTaleRegisterElementAction function| ClickTaleFormDisable function| ClickTaleFormDisableAll function| ClickTaleFormGetInputs function| ClickTaleSendThresholdExceededEvent function| ClickTaleRegisterScroll function| ClickTaleSendImmediate function| ClickTaleRegisterManualEvent function| ClickTaleLogicalWithUploadPage object| ClickTaleOnUploadPageContentFetched number| WRGC object| WRDo function| ClicktaleReplayLink

14 Cookies

Domain/Path Name / Value
fileaclaim.safeco.com/log Name: srv_id
Value: eb104febbeb03f6e23ce1aa1fcc40d35
fileaclaim.safeco.com/ Name: srv_id
Value: eb104febbeb03f6e23ce1aa1fcc40d35
fileaclaim.safeco.com/ Name: AWSALB
Value: xCDcGOx+Mp7/xFR5I44ht9JzGTthIDu1Y0GzAWsXNB7iisTkUTqRbgkUTtnRGizFEnwD8GxvoUeiRXV+oIUqfAY3B/c6h25BFgB68i297GdmMiYu0GqF78hLc4/l
fileaclaim.safeco.com/ Name: AWSALBCORS
Value: xCDcGOx+Mp7/xFR5I44ht9JzGTthIDu1Y0GzAWsXNB7iisTkUTqRbgkUTtnRGizFEnwD8GxvoUeiRXV+oIUqfAY3B/c6h25BFgB68i297GdmMiYu0GqF78hLc4/l
.safeco.com/ Name: bm_sv
Value: 93DCB0F219824C201D261928A0D95C25~EnnJlO0byBEn7vDojlDfy6fK3yTG43DSmwZL+SuOtm8Dl1ZpnrXNFE7VF6IRP5fYkfhus7f7eFhFShlo45fd+97U2PsyTItBrhfpnOmoqnnhGuSg1S/+bFOk8G8VfUAjIafB5/yioVWgnHKGMTo/rUOREeRAw9pEIby091Akg/E=
.safeco.com/ Name: _cs_c
Value: 1
.safeco.com/ Name: _hp2_id.2504968760
Value: %7B%22userId%22%3A%22129667122188475%22%2C%22pageviewId%22%3A%22982950498953050%22%2C%22sessionId%22%3A%222357514438762016%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.safeco.com/ Name: _cs_id
Value: 3dcd8a1f-4864-ad86-96f8-4f52ae9dadac.1647295417.1.1647295417.1647295417.1588699974.1681459417699
.safeco.com/ Name: _cs_s
Value: 1.1.0.1647297217701
.safeco.com/ Name: _hp2_ses_props.2504968760
Value: %7B%22ts%22%3A1647295417620%2C%22d%22%3A%22fileaclaim.safeco.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Fuser%3Dfirst-party%3Fsrc%3Dcm-deml-mah-esv2102103323-rtn-mma%22%7D
.safeco.com/ Name: ak_bmsc
Value: 11FDEA3312BBA61D2E1B3BFBFCB25D39~000000000000000000000000000000~YAAQtboQArAFQVJ/AQAASU91ig9+IxNb9WiAtQyBfLuL67FBYJ6+UlF+5mgYmztq53nTrkEOINwIxSr+d2+44EaQ/V/THDN5DrTViWoSJJy1EECgvNqfuCQ7qiE/PyuTtQBAKd5yHDMBJEcfkGEepWGAhPw1IqnB/0X7pj4qCBar58FgpKKr0u3+VK7VGW5bNNZrtqIsJqSqRDcjCcIYeJ0+OTDzsVHRFO50cofdNtghLJ31owaHiA99guZ+s/PvXMRqEfh/g6Ay3XzANjkcOub1jM0N/PN2/PkdTzXDQdb2evaYJqtS0Gy4Fjnlncz6uR8HnejCR9lg4wAiEY1m1HqkWr/cFQBijGq+JxjiM9JlVickD8046tvaZO6kaELr4fFrGm/KwJuxAImGvNacNj4IYnjGFsY93IY7AyIxeW3vusuDqMdNz+gi4FHqOK2WKwt3CxZsWfKPTkVSjhY9q8TafkpplnZvKl+oVL6jH4f2O8HyBiSG5g==
.safeco.com/ Name: _CT_RS_
Value: Recording
.safeco.com/ Name: WRUID
Value: 3722854701337700
.safeco.com/ Name: __CT_Data
Value: gpv=1&ckp=tld&dm=safeco.com&apv_16663_www03=1&cpv_16663_www03=1&rpv_16663_www03=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiservices.krxd.net
c.clicktale.net
cdn.heapanalytics.com
cdnssl.clicktale.net
fileaclaim.safeco.com
fonts.googleapis.com
heapanalytics.com
ing-district.clicktale.net
nexus.ensighten.com
siteintercept.qualtrics.com
znagyjhfxnlbwptub-libertymutualvoc.siteintercept.qualtrics.com
104.17.208.240
143.204.98.89
151.101.194.133
18.197.253.20
2a00:1450:4001:82b::200a
2a02:26f0:6c00:2a0::11f3
2a02:26f0:7100:2b9::2db0
3.213.41.181
34.195.67.18
34.250.97.19
072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6
1b98927dc0020154dcc7254df9796fdb7237e63e327f02854354d830e4049d2e
1d3241ce3e97c898e400e4125c24321e8bf1db3febabb537481e47aa54807b37
4713f10723f608b1a36eac56f78fb32e6b310815d68be650049b479a3a5a2643
473d3364285b49cfeac6f9304f3fb6ba032780fe67411c6e8a9626b8122f0bc0
4a184b2808037cae5ef84c3a4469ec758747c7a0d147f6e0fe74280f7b02039b
505e231457c4cb1f16a3dfb3e016b82313342416e3cb373f35c48ffd3432c234
59434f44d8361baab290b95ed328d2c306af0f2c75f603783e97578245f7762e
5a5d7f35299f992a9e3a757de076a2ff0ba2f006a09e4f6b3cd97cce56274457
5b431277c07496a54bd0224b23428ed890e7323037ab3c5460fb051b4f65e78e
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1
6951be7543f9d65cb394488af37723029e1c674fd3d424ebfd4dc5a2530da300
6aa42f7a6adcb0b9f7a5bf16d8d5cbdb7c771def28413544d3423dc582dd2f91
6e34de0f8e23bc3654c7b744cf18114ba0ed8df34964ce7497e0a4b9727a3d3a
6ee5e63f523769cb59359625b3ebab3c54eb942503e98ccda5a92d1f69ed223f
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
7c8e2906880bb18be04f18e3f126b97386394e1961afe08912863d9017810c31
7d732c67d46427a96ea50520d187faa627d9b7f07b7628d5bcf433fd59257d18
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
a017feb8f9ef6ecf516df7aaab46ce45a12ec1541ba8a67d3e0f0a801bea0256
a58aab6ea5178b9ea82e9b99af805c7462de27b7bd5b5d01da9788ce29c3eb91
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
a9e649342051c3e39fa77e4915202c3272bf19613d6a551127f69cf65e984afb
b68b2028650713ad3c8abe478332a00ae022c9c14f194070a62995a7017b7237
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615e72f26a8f2192b7410cc2fdebd9c0872d7ba81986c085d3dcb8563fe3c8f
eef1cf07f281a4d810cd49d67c1380c35ac47073c010dc4a1f5a1ed6907a9c29
ef407a53748bd41172cd96a7c2ff92bf591efcc8efa37943c8f65c1845369c4a
f7d45a078fa6c0185b2460c457821858e173000ca2f78a1a8d6a63a1026fa2e9