www.helmsmantpa.com Open in urlscan Pro
2a02:26f0:1700:389::50a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://helmsmantpa.com/Pages/ComplexClaims.asp
Effective URL:
https://www.helmsmantpa.com/Pages/ComplexClaims.asp
Submission Tags: falconsandbox
Submission: On December 07 via api (December 7th 2022, 12:51:21 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 49 HTTP transactions. The main IP is 2a02:26f0:1700:389::50a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.helmsmantpa.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 1st 2022. Valid for: a year.

This is the only time www.helmsmantpa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.24.23.191 184.24.23.191	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2a02:26f0:170... 2a02:26f0:1700:389::50a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:480... 2a02:26f0:480:287::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	72.140.233.34 72.140.233.34	54412 (RCC-GRANI...) (RCC-GRANITE-1)
1	99.84.88.41 99.84.88.41	16509 (AMAZON-02) (AMAZON-02)
2	52.211.247.227 52.211.247.227	16509 (AMAZON-02) (AMAZON-02)
1	34.249.28.111 34.249.28.111	16509 (AMAZON-02) (AMAZON-02)
1 1	54.229.62.148 54.229.62.148	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
49	13

1 184.24.23.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-23-191.deploy.static.akamaitechnologies.com

helmsmantpa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:26f0:1700:389::50a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.helmsmantpa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:287::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.140.233.34 (Calgary, Canada)

ASN54412 (RCC-GRANITE-1, CA)
PTR: unallocated-static.datacentres.rogers.com

seal.entrust.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-41.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.247.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-247-227.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

libertymutualagencymkts.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.62.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-62-148.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.libertymutual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	helmsmantpa.com 1 redirects helmsmantpa.com www.helmsmantpa.com	245 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 471	59 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 361 fonts.googleapis.com — Cisco Umbrella Rank: 51	9 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 222 libertymutualagencymkts.demdex.net — Cisco Umbrella Rank: 898756	5 KB
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 473	21 KB
3	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3069	17 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 242	41 KB
2	entrust.net seal.entrust.net — Cisco Umbrella Rank: 62006	14 KB
1	libertymutual.com smetrics.libertymutual.com — Cisco Umbrella Rank: 141682	372 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1131	517 B
1	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3631	45 KB
49	12

	Domain	Requested by
21	www.helmsmantpa.com	www.helmsmantpa.com
4	fonts.gstatic.com	fonts.googleapis.com
4	assets.adobedtm.com	www.helmsmantpa.com assets.adobedtm.com
3	cdn.cookielaw.org	www.helmsmantpa.com cdn.cookielaw.org
3	fonts.googleapis.com	www.helmsmantpa.com ajax.googleapis.com
3	nexus.ensighten.com	www.helmsmantpa.com nexus.ensighten.com
3	cdnjs.cloudflare.com	www.helmsmantpa.com
2	dpm.demdex.net	assets.adobedtm.com www.helmsmantpa.com
2	seal.entrust.net	www.helmsmantpa.com
1	smetrics.libertymutual.com	www.helmsmantpa.com
1	cm.everesttech.net	1 redirects
1	libertymutualagencymkts.demdex.net	assets.adobedtm.com
1	cdn.heapanalytics.com	nexus.ensighten.com
1	ajax.googleapis.com	www.helmsmantpa.com
1	helmsmantpa.com	1 redirects
49	15

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
account.helmsmantpa.com
www.linkedin.com
twitter.com
www.libertymutualgroup.com
www.entrust.net
www.entrust.com

Subject Issuer	Validity	Valid
libertymutual.myinstantincentives.com Entrust Certification Authority - L1K	`2022-07-01` - `2023-07-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
seal.entrust.net Entrust Certification Authority - L1M	`2022-09-06` - `2023-10-06`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.libertymutual.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-09` - `2023-05-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
Frame ID: 05AFEDDF2EAC2A82CB64BAAA9EFBB0A6
Requests: 48 HTTP requests in this frame

Frame: https://libertymutualagencymkts.demdex.net/dest5.html?d_nsid=0
Frame ID: 5D6CE505FA9CC6A6B760386690372BBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

- - Helmsman Page not found - Helmsman

Page URL History Show full URLs

https://helmsmantpa.com/Pages/ComplexClaims.asp HTTP 301
https://www.helmsmantpa.com/Pages/ComplexClaims.asp Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

47 %
IPv6

12
Domains

15
Subdomains

13
IPs

5
Countries

518 kB
Transfer

1963 kB
Size

14
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://account.helmsmantpa.com/
Title: Login - Opens in a new window

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/helmsman-management-services-llc/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://twitter.com/helmsmantpa?lang=en

Search URL Search Domain Scan URL

URL: https://www.libertymutualgroup.com/about-lm/corporate-information/web-accessibility-policy
Title: Web Accessibility Policy - Opens in new window

Search URL Search Domain Scan URL

URL: https://www.libertymutualgroup.com/about-lm/corporate-information/privacy-policy
Title: Privacy Policy - Opens in new window

Search URL Search Domain Scan URL

URL: https://www.libertymutualgroup.com/about-lm/corporate-information/security-policy
Title: Security Policy - Opens in new window

Search URL Search Domain Scan URL

URL: https://www.libertymutualgroup.com/about-lm/corporate-information/terms-and-conditions
Title: Terms & Conditions - Opens in new window

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile?domain=af.libertymutual.com&lang=en

Search URL Search Domain Scan URL

URL: https://www.entrust.com/ssl-certificates1/
Title: SSL Certificate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://helmsmantpa.com/Pages/ComplexClaims.asp HTTP 301
https://www.helmsmantpa.com/Pages/ComplexClaims.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://cm.everesttech.net/cm/dd?d_uuid=02147877943020915103964598420780831833 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4-jhQAAAFpALAN6

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request ComplexClaims.asp Show response
www.helmsmantpa.com/Pages/
Redirect Chain

https://helmsmantpa.com/Pages/ComplexClaims.asp
https://www.helmsmantpa.com/Pages/ComplexClaims.asp

41 KB
43 KB

1238ms
1046ms

Document
text/html

2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

da47462dac8106c3b48b122c7b5fe6c218d9036a154ebf6b834a77abf6d359d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=86400, must-revalidate
Connection: keep-alive
Content-Length: 42148
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 00:51:16 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Link: <https://www.helmsmantpa.com/wp-json/>; rel="https://api.w.org/"
Server: nginx/1.21.5
Server-Timing: cdn-cache; desc=MISS edge; dur=151 origin; dur=547
Strict-Transport-Security: max-age=15724800; includeSubDomains

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 07 Dec 2022 00:51:14 GMT
Location: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1

GET
H/1.1 200
OK main.css
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/blocks/styles/dist/ 841 KB
103 KB 155ms
126ms Stylesheet
text/css 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/blocks/styles/dist/main.css

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

39e214f4b009d6aec5cd5bb779d24a434ecc8e7ed0ad2072cef540ed259a2ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "d2347-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=97
Content-Length: 105480

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ 86 KB
28 KB 69ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2191653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27781
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15857"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiQfpsHGs4XNCq%2FmXw4HFOf3KyRNV27cwT8yQdNOjv65XGTEiOtMjC89guQioQxihDnjsUveU2MeuDFcOy1Hovn1CRu4znWUhUsZKdGq0yE8qDfHd0dNulOyuuzKP1%2FxTmxIaJ8Kacq62jZ29QBSUkJo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7759459a9b1890e2-FRA
expires: Mon, 27 Nov 2023 00:51:16 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 24 KB
7 KB 73ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6483295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6955
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Z4p8ZVOt5w%2FRO4QmOk2C9G%2FDs6Pq0ICoXgdAT8zCzBMxPIpMzEGEVq6iClkP87FkhRXBAkTHBmvtBeN7%2FBAXc4x2iHUJxY2%2B7zBRiQjKXNS2Jj9FaokbuHo%2FZUuC0OBDsFjJudY5WUeWNOLR5GLmVDw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7759459a9b1a90e2-FRA
expires: Mon, 27 Nov 2023 00:51:16 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 11:00:32 GMT

GET
H/1.1 200
OK content-toggle-custom.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 5 KB
1 KB 231ms
167ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/content-toggle-custom.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

60ea4cccca390b12e6f16e9cafe784b078fd8fd2887c22bd4b7b6ee510711dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "1209-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=142
Content-Length: 827

GET
H/1.1 200
OK remove-whitespace.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 175 B
584 B 283ms
116ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/remove-whitespace.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

96a233daf6672564581ba1c103dd347bafdb01c69a9d4063606a2b3d83a97dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "af-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=92
Content-Length: 148

GET
H2 200 launch-c5d95214821b.min.js Show response
assets.adobedtm.com/03fb20203c68/94b584ef5653/ 153 KB
44 KB 115ms
23ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/launch-c5d95214821b.min.js
Requested by: Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e063fe9a705870b7d23d7a4250d54f326f6c833170a258f05692cbfd26a6b7d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 20:26:12 GMT
server: AkamaiNetStorage
etag: "2670f2a10d4886af2163d1c9f26861d7:1611347172.438995"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.helmsmantpa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 44778
expires: Wed, 07 Dec 2022 01:51:16 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/libertymutual/helmsmantpa_prod/ 53 KB
16 KB 101ms
23ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/libertymutual/helmsmantpa_prod/Bootstrap.js
Requested by: Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a897eb2cf557603b14905719443369805713c69ad304f2098e2e4c78b2220c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:30:33 GMT
x-amz-version-id: 6Gas4oF6AC0ErddJr6bV22IIjTUyUUJD
content-encoding: br
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 829244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 21 Jul 2021 02:16:14 GMT
server: AmazonS3
etag: W/"0b8cced44decc7ccb3dc01a831894245"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: HCZZ8-D-nrldVwe02snkbqxazTigBrj80jyge_9foFiXAVC0Xnv1oQ==

GET
H/1.1 200
OK formidableforms.css
www.helmsmantpa.com/wp-content/plugins/formidable/css/ 113 KB
19 KB 224ms
186ms Stylesheet
text/css 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/plugins/formidable/css/formidableforms.css?ver=1192124

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

9c2c60e875c1cec2a1c470419b7ad2002265a40805c74e0bbb456d965eb80130

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 21:24:32 GMT
Server: nginx/1.21.5
ETag: "1c543-5ed1048545fbd-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=162
Content-Length: 19307

GET
H/1.1 200
OK style.css
www.helmsmantpa.com/wp-content/plugins/gutenberg/build/block-library/ 94 KB
13 KB 165ms
126ms Stylesheet
text/css 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.5.0

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

517d7f75303b41894917b566c0cb0ab19d23a11fff9fccd92e7231defbc3bd60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:31 GMT
Server: nginx/1.21.5
ETag: "17658-5ed0e3362eec0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=98
Content-Length: 12446

GET
H/1.1 200
OK classic-themes.min.css
www.helmsmantpa.com/wp-includes/css/ 217 B
649 B 194ms
133ms Stylesheet
text/css 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 02 Nov 2022 18:20:03 GMT
Server: nginx/1.21.5
ETag: "d9-5ec80e3a89ac0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=331
Content-Length: 189

GET
H/1.1 200
OK style.css
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/ 0
367 B 184ms
121ms Stylesheet
text/css 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/style.css?ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "0-5ed0e33723100"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=96
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 85ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A300%2C400%2C400i%2C700&ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc8f509b79f345ed1779d7c1b6a8cede97d6ab3e0f7ceec4e68c92d1fdd7939b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:19:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 00:51:16 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.helmsmantpa.com/wp-includes/js/jquery/ 88 KB
31 KB 303ms
122ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 02 Nov 2022 18:20:03 GMT
Server: nginx/1.21.5
ETag: "15e54-5ec80e3a89ac0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=95
Content-Length: 30995

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.helmsmantpa.com/wp-includes/js/jquery/ 11 KB
5 KB 303ms
118ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 02 Nov 2022 18:20:03 GMT
Server: nginx/1.21.5
ETag: "2bd8-5ec80e3a89ac0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=93
Content-Length: 4169

GET
H/1.1 200
OK ada_func.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 11 KB
3 KB 313ms
120ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ada_func.js?ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

62eff02b470c746ed21f59cafa9811f9335b0f12774df20549ce925640e2352c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "2d45-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=93
Content-Length: 2151

GET
H/1.1 200
OK burger-menu.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 1 KB
879 B 336ms
112ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/burger-menu.js?ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

ec02ebd76b0f2dfe10f10d0d734e7aba231d14204949d4e87bbd4ea0c8e78301

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "4d8-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=89
Content-Length: 442

GET
H/1.1 200
OK search-box.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 298 B
596 B 275ms
45ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/search-box.js?ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

9497f8f8f6d63e294d7faa18fb46fca3552a66f1a7a6cc110222a1f36e1e32af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "12a-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=20
Content-Length: 159

GET
H/1.1 200
OK header.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 3 KB
1 KB 388ms
113ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/header.js?ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

e142ce7ba59d6170b4ce4611e66f60873abec66bf7b7cf523628910e6d65ef57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "a55-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=88
Content-Length: 887

GET
H2 200 29738dbc-a539-47ce-bc31-285adfdef8cb.js Show response
cdn.cookielaw.org/langswitch/ 2 KB
1 KB 86ms
36ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/langswitch/29738dbc-a539-47ce-bc31-285adfdef8cb.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769c3286c31a8b27f328b7aea795111da4235d4fe93dd69ee60f2e7416ce2561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZYtChqHMT0ePEg/qYmtRFA==
age: 70115
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 702
x-ms-lease-status: unlocked
last-modified: Fri, 17 Sep 2021 18:11:04 GMT
server: cloudflare
etag: 0x8D97A0683AF66F9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1bdcd3f3-a01e-0154-1a34-5a7439000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7759459aa8a68fe3-FRA

GET
H/1.1 200
OK Logo_rball.png
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/ 11 KB
12 KB 89ms
88ms Image
image/png 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/Logo_rball.png

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

ee16bd232bc7dd4be54d648650848e3f2c99c7c2b50db6b22e66e2c536008af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "2dca-5ed0e33723100"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=61
Content-Length: 11722

GET
H/1.1 200
OK Search.png
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/ 824 B
1 KB 120ms
118ms Image
image/png 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/Search.png

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

15601263d3d5eef56db50533c14f1fa109c4d278f89e20b1c1e35b41d1f3bc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "338-5ed0e33723100"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=92
Content-Length: 824

GET
H/1.1 200
OK hamburger-menu.svg
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/ 184 B
583 B 28ms
27ms Image
image/svg+xml 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/hamburger-menu.svg

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

c54a7505f9498620ed3c19d8db3638fd4f257c0d974062b8e6dc68641e0c8784

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "b8-5ed0e33723100"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=1
Content-Length: 162

GET
H/1.1 200
OK cmp-searchmodal.js Show response
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/ 3 KB
1 KB 52ms
52ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/js/cmp-searchmodal.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

c42f7dda72dac5a8d6b962755c6bac8c7822e9682022e82271467c1643366d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "c9a-5ed0e33723100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=26
Content-Length: 984

GET
H/1.1 200
OK LinkedIn.png
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/ 1 KB
1 KB 141ms
139ms Image
image/png 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/LinkedIn.png

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

2ecc6afafafa8037b45cbcbd61abdecdc7c9039567392ce878b55c3edc9dfaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "45f-5ed0e33723100"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=109
Content-Length: 1119

GET
H/1.1 200
OK Twitter.png
www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/ 1 KB
2 KB 173ms
172ms Image
image/png 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/images/Twitter.png

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

8185cf438a5a9dc04fd915b6cd30ebb49a88d278554a3553c0609e266ae2f248

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 09 Nov 2022 18:55:32 GMT
Server: nginx/1.21.5
ETag: "50a-5ed0e33723100"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=142
Content-Length: 1290

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/blocks/styles/dist/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 23:48:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 00:51:16 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 25ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/wp-content/themes/helmsmantemplate/blocks/styles/dist/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 454066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NegYJRxIaK9HOanGMs5iBBPFHIQY9%2BoUgRTD4Y99JoXqqhlzuKCbavxkHBw%2FXHW32Phj3H3TLqF3eK703bn78AztY5U2An26chkxHCQT%2F%2BUTizAPob6rgxy8AR0aJ1kHFedPWwzilZV%2FZ2wAJF954okl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7759459b7c3090e2-FRA
expires: Mon, 27 Nov 2023 00:51:16 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.helmsmantpa.com/wp-includes/js/ 18 KB
5 KB 54ms
53ms Script
application/javascript 2a02:26f0:1700:389::50a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helmsmantpa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:389::50a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.21.5 /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/Pages/ComplexClaims.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 00:51:16 GMT
Last-Modified: Wed, 02 Nov 2022 18:20:03 GMT
Server: nginx/1.21.5
ETag: "48b9-5ec80e3a89ac0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: cdn-cache; desc=HIT, edge; dur=20
Content-Length: 5009

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/libertymutual/helmsmantpa_prod/ 303 B
606 B 29ms
28ms Script
text/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/libertymutual/helmsmantpa_prod/serverComponent.php?r=8.930082961688237&ClientID=976&PageID=https%3A%2F%2Fwww.helmsmantpa.com%2FPages%2FComplexClaims.asp
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/helmsmantpa_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b152c0168e25250a0e8726e1f41cc2b3aa95b4d56e6f89027e0780e85923e538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 303
x-amz-cf-id: aFV_N20lRunW65owSi-H-g9EYh-IxZxZO5qemy4TPVlE3Nc4GQcFkg==
expires: Wed, 07 Dec 2022 00:51:15 GMT

GET
H2 200 39aa1668-73fa-48b1-9494-c4e301424915.js Show response
cdn.cookielaw.org/consent/ 56 KB
14 KB 29ms
28ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/39aa1668-73fa-48b1-9494-c4e301424915.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/langswitch/29738dbc-a539-47ce-bc31-285adfdef8cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86449f9698ca6491a44d50475c8ee52d76428d6f07e15ed6458d33237cb1efd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: CzmtjU2P+42qn5tFbNoHig==
age: 70114
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13842
x-ms-lease-status: unlocked
last-modified: Fri, 17 Sep 2021 18:11:07 GMT
server: cloudflare
etag: 0x8D97A068597DF09
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5ad5c8e0-201e-014e-1234-5a5b56000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7759459cca738fe3-FRA
expires: Thu, 08 Dec 2022 00:51:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 90ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.helmsmantpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 535251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 87ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.helmsmantpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 416507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 63ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.helmsmantpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 387383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 58ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.helmsmantpa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 361736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 20:22:20 GMT

GET
H/1.1 200
OK sealv2.js Show response
seal.entrust.net/ 9 KB
9 KB 798ms
127ms Script
application/javascript 72.140.233.34
RCC-GRANITE-1

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.entrust.net/sealv2.js

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

72.140.233.34 Calgary, Canada, ASN54412 (RCC-GRANITE-1, CA),

Reverse DNS

unallocated-static.datacentres.rogers.com

Software

Resource Hash

0bff94fea36ce236559135513c9709147d8ecc7de40c09929a8061d5626f10fc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 00:51:17 GMT
Last-Modified: Wed, 12 Oct 2022 07:32:28 GMT
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 8945

GET
H2 200 be65ed2bb010cf4b887832028b5d8c66.js Show response
nexus.ensighten.com/libertymutual/helmsmantpa_prod/code/ 1 KB
1 KB 30ms
30ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/libertymutual/helmsmantpa_prod/code/be65ed2bb010cf4b887832028b5d8c66.js?conditionId0=422833
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/helmsmantpa_prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00dba10ccd1de59574aae5ccc6199b26d53b085bba15986d5fe5b309cf86f418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 10:23:15 GMT
x-amz-version-id: ZI2QGKu0BbPWrZhtVDyyP8NPmZpfQY3h
content-encoding: br
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 138482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 21 Jul 2021 02:16:14 GMT
server: AmazonS3
etag: W/"f72aade0d520eee0408bfc3e73e7a1b7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: IF6uO7lMR47hXZOnmCgJJU9EzzIt2uK1tJyK0sGBl-kPW8Y-ZZl2ug==

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/6.23.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 29ms
29ms Stylesheet
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/6.23.0/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/39aa1668-73fa-48b1-9494-c4e301424915.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: EozRQ95xH7FK0i+8ShXloQ==
age: 30998
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 5561
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:48 GMT
server: cloudflare
etag: 0x8D96DBF66FF8A39
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2a108742-501e-0127-48a2-4d04fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7759459d0ab58fe3-FRA

GET
H2 200 heap-2467388025.js Show response
cdn.heapanalytics.com/js/ 114 KB
45 KB 238ms
150ms Script
application/javascript 99.84.88.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2467388025.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/libertymutual/helmsmantpa_prod/code/be65ed2bb010cf4b887832028b5d8c66.js?conditionId0=422833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-41.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

abfa1107072b68a7395e4376868ba4e31d94c1cf39c3f070f9809cb57562c1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:00 GMT
content-encoding: gzip
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-C1
age: 16
etag: W/"1c724-PskDDDsEsoWQ2ilTTLhIFA"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: v2nRk0jZz6-HRQ4fVjObEymW7O3mVqw0xfWeKr7KtomVhorO3zibiw==

GET
H3 200 css
fonts.googleapis.com/ 16 KB
956 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,600,600i,700,700i&subset=latin,latin-ext

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edf3d54213af78c582ebf2267d9d31599711c320b2e3285fddd58e5444dfc177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:51:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 00:51:16 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 382 B
1 KB 256ms
44ms XHR
application/json 52.211.247.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=35F34E5354F9ECC80A4C98A2%40AdobeOrg&d_nsid=0&ts=1670374276752

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/launch-c5d95214821b.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.247.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-247-227.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c6135b5a5e796e56b9cac67d82503bd9ecc41d8f1d757b33db168c179ccf0339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.helmsmantpa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: j9UpexKQRcI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.helmsmantpa.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 320
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 23ms
22ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/launch-c5d95214821b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.helmsmantpa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 07 Dec 2022 01:51:16 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 24ms
24ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/launch-c5d95214821b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.helmsmantpa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 07 Dec 2022 01:51:16 GMT

GET
H2 200 RC6b4207da8ff7401482aaede519eed43e-source.min.js Show response
assets.adobedtm.com/03fb20203c68/94b584ef5653/e95361e9b942/ 1022 B
767 B 22ms
22ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/e95361e9b942/RC6b4207da8ff7401482aaede519eed43e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/launch-c5d95214821b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8107de4dc4727821c5defc5b7ff1ce359bc51d5291857d71d38b7b3018ac90c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 20:26:13 GMT
server: AkamaiNetStorage
etag: "8bf87008b7c263615259e1c7a57193b5:1611347173.108455"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.helmsmantpa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 500
expires: Wed, 07 Dec 2022 01:51:16 GMT

GET
H/1.1 200
OK dest5.html Show response
libertymutualagencymkts.demdex.net/ Frame 5D6C 7 KB
3 KB 222ms
47ms Document
text/html 34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://libertymutualagencymkts.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/03fb20203c68/94b584ef5653/launch-c5d95214821b.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.helmsmantpa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3ASHo5lBQQo=
content-encoding: gzip
date: Wed, 7 Dec 2022 00:51:17 GMT
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y4-jhQAAAFpALAN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02147877943020915103964598420780831833
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4-jhQAAAFpALAN6

42 B
942 B

44ms
43ms

Image
image/gif

52.211.247.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4-jhQAAAFpALAN6

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Server

52.211.247.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-247-227.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: enDxiiDYSWM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4-jhQAAAFpALAN6
Date: Wed, 07 Dec 2022 00:51:17 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s49646632565318
smetrics.libertymutual.com/b/ss/lmamgrshelmsmanprod/1/JS-2.22.0-LAWA/ 43 B
372 B 129ms
30ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.libertymutual.com/b/ss/lmamgrshelmsmanprod/1/JS-2.22.0-LAWA/s49646632565318?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%200%3A51%3A17%203%200&mid=02133588086988786873965421303786270320&aamlh=6&ce=UTF-8&pageName=Helmsman%3Apages%3Acomplexclaims.asp&g=https%3A%2F%2Fwww.helmsmantpa.com%2FPages%2FComplexClaims.asp&cc=USD&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Helmsman%3Apages%3Acomplexclaims.asp&v1=Helmsman%3Apages%3Acomplexclaims.asp&c3=Pages&v3=Pages&c4=ComplexClaims.asp&v4=ComplexClaims.asp&v10=D%3Ds_vi&c15=D%3Dv15&v15=D%3Dg&c17=New&v17=New&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=35F34E5354F9ECC80A4C98A2%40AdobeOrg&AQE=1

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 00:51:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 08 Dec 2022 00:51:17 GMT
server: jag
etag: 3587101446249283584-4619728862433249926
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 00:51:17 GMT

GET
H/1.1 200
OK entrust_site_seal_large.png
seal.entrust.net/en/current/ 4 KB
4 KB 497ms
127ms Image
image/png 72.140.233.34
RCC-GRANITE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.entrust.net/en/current/entrust_site_seal_large.png

Requested by

Host: www.helmsmantpa.com
URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

72.140.233.34 Calgary, Canada, ASN54412 (RCC-GRANITE-1, CA),

Reverse DNS

unallocated-static.datacentres.rogers.com

Software

Resource Hash

cc84eadbd134138804b1e470aaf40d8f801539386400b56b58cebd0d27e3bdb0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.helmsmantpa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 00:51:17 GMT
Last-Modified: Wed, 12 Oct 2022 07:32:28 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 4075

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.helmsmantpa.com/Pages	1970-01-20 07:59:34	Name: srv_id Value: da9ec7da91d7c85bf2b36be25ffce83b
www.helmsmantpa.com/	1970-01-20 08:09:39	Name: AWSALB Value: ITVvz8hMdWnoZNDQPhcjNt1869xsVmxWKOLcIToLWVldQ13C6h+hm/vMuHg9Laf4KRCq5bJNTsY1y9leXXrBrhKayBV0Nzu8XW/pMrNWDiQs69cKhO/vPJPm7l3U
www.helmsmantpa.com/	1970-01-20 08:09:39	Name: AWSALBCORS Value: ITVvz8hMdWnoZNDQPhcjNt1869xsVmxWKOLcIToLWVldQ13C6h+hm/vMuHg9Laf4KRCq5bJNTsY1y9leXXrBrhKayBV0Nzu8XW/pMrNWDiQs69cKhO/vPJPm7l3U
.helmsmantpa.com/	1970-01-20 07:59:41	Name: ak_bmsc Value: 4102D61BA35DDD7138A0019DA16C7039~000000000000000000000000000000~YAAQBmZWuBk884mEAQAAWLwQ6hJSwyV8zTVrcNwv1Z9jj3RZwp3BH+9bvzJYdnLw6cUU6pslnYxlCfDwTqVGu7RdY+OQYLxwGTbNLfCd3eL4+Lqpup42StrsQRX3cLra9siQb6uxaZ1yfAvtAwSlHc09UKUk1gRs0owy10g/1O8KDoTY83pmOSZ5kxyFmzmVvEdj4siL2fVHen/FuOD9u1nmbd5jAXATqiJYCpkOqKOJ3/G5tKahW8VmuxlFFxJd3ypBfuVcCD3S6GCvir5bnzw02ufLF4UBY7t2PTE+pGFfbWvYzJLOiRBCbgaBbImJFTKYYu2RwSlGx/57j5aq+G2tm9eQkD2C68QW9axfEzlkRyn3ZCdnaffUgqp1w3bZsJ/AFQjY4+6jmThxVA==
.helmsmantpa.com/	1970-01-20 17:27:31	Name: _hp2_id.2467388025 Value: %7B%22userId%22%3A%228861496330548986%22%2C%22pageviewId%22%3A%222261309773532613%22%2C%22sessionId%22%3A%222744997709757828%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.helmsmantpa.com/	1970-01-20 07:59:36	Name: _hp2_ses_props.2467388025 Value: %7B%22z%22%3A0%2C%22ts%22%3A1670374276968%2C%22d%22%3A%22www.helmsmantpa.com%22%2C%22h%22%3A%22%2FPages%2FComplexClaims.asp%22%2C%22t%22%3A%22-%20-%20Helmsman%22%7D
.demdex.net/	1970-01-20 12:18:46	Name: demdex Value: 02147877943020915103964598420780831833
.helmsmantpa.com/	1969-12-31 23:59:59	Name: AMCVS_35F34E5354F9ECC80A4C98A2%40AdobeOrg Value: 1
.helmsmantpa.com/	1970-01-20 08:42:46	Name: s_getNewRepeat Value: 1670374277020-New
.helmsmantpa.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 16:45:10	Name: everest_g_v2 Value: g_surferid~Y4-jhQAAAFpALAN6
.dpm.demdex.net/	1970-01-20 12:18:46	Name: dpm Value: 02147877943020915103964598420780831833
.helmsmantpa.com/	1970-01-20 17:35:34	Name: AMCV_35F34E5354F9ECC80A4C98A2%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19334%7CMCMID%7C02133588086988786873965421303786270320%7CMCAAMLH-1670979077%7C6%7CMCAAMB-1670979077%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670381477s%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C5.2.0
.helmsmantpa.com/	1970-01-20 16:45:10	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Dec+07+2022+00%3A51%3A18+GMT%2B0000+(GMT)&version=6.23.0&landingPath=https%3A%2F%2Fwww.helmsmantpa.com%2FPages%2FComplexClaims.asp&groups=1%3A1%2C2%3A0%2C4%3A0%2C0_303927%3A0%2C0_303928%3A0%2C0_303929%3A0%2C0_303930%3A0%2C0_303931%3A0%2C0_303932%3A0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.helmsmantpa.com/Pages/ComplexClaims.asp Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.adobedtm.com
cdn.cookielaw.org
cdn.heapanalytics.com
cdnjs.cloudflare.com
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
helmsmantpa.com
libertymutualagencymkts.demdex.net
nexus.ensighten.com
seal.entrust.net
smetrics.libertymutual.com
www.helmsmantpa.com
15.188.95.229
184.24.23.191
2606:4700::6810:9440
2606:4700::6811:190e
2a00:1450:4001:806::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a02:26f0:1700:389::50a
2a02:26f0:480:287::1e80
34.249.28.111
52.211.247.227
54.229.62.148
65.9.66.34
72.140.233.34
99.84.88.41
00dba10ccd1de59574aae5ccc6199b26d53b085bba15986d5fe5b309cf86f418
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0bff94fea36ce236559135513c9709147d8ecc7de40c09929a8061d5626f10fc
15601263d3d5eef56db50533c14f1fa109c4d278f89e20b1c1e35b41d1f3bc26
2ecc6afafafa8037b45cbcbd61abdecdc7c9039567392ce878b55c3edc9dfaca
39e214f4b009d6aec5cd5bb779d24a434ecc8e7ed0ad2072cef540ed259a2ea9
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
517d7f75303b41894917b566c0cb0ab19d23a11fff9fccd92e7231defbc3bd60
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
60ea4cccca390b12e6f16e9cafe784b078fd8fd2887c22bd4b7b6ee510711dae
62eff02b470c746ed21f59cafa9811f9335b0f12774df20549ce925640e2352c
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
769c3286c31a8b27f328b7aea795111da4235d4fe93dd69ee60f2e7416ce2561
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8107de4dc4727821c5defc5b7ff1ce359bc51d5291857d71d38b7b3018ac90c4
8185cf438a5a9dc04fd915b6cd30ebb49a88d278554a3553c0609e266ae2f248
86449f9698ca6491a44d50475c8ee52d76428d6f07e15ed6458d33237cb1efd5
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
9497f8f8f6d63e294d7faa18fb46fca3552a66f1a7a6cc110222a1f36e1e32af
96a233daf6672564581ba1c103dd347bafdb01c69a9d4063606a2b3d83a97dca
9c2c60e875c1cec2a1c470419b7ad2002265a40805c74e0bbb456d965eb80130
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a897eb2cf557603b14905719443369805713c69ad304f2098e2e4c78b2220c71
abfa1107072b68a7395e4376868ba4e31d94c1cf39c3f070f9809cb57562c1ad
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b152c0168e25250a0e8726e1f41cc2b3aa95b4d56e6f89027e0780e85923e538
c42f7dda72dac5a8d6b962755c6bac8c7822e9682022e82271467c1643366d7a
c54a7505f9498620ed3c19d8db3638fd4f257c0d974062b8e6dc68641e0c8784
c6135b5a5e796e56b9cac67d82503bd9ecc41d8f1d757b33db168c179ccf0339
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc84eadbd134138804b1e470aaf40d8f801539386400b56b58cebd0d27e3bdb0
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
da47462dac8106c3b48b122c7b5fe6c218d9036a154ebf6b834a77abf6d359d6
dc8f509b79f345ed1779d7c1b6a8cede97d6ab3e0f7ceec4e68c92d1fdd7939b
e063fe9a705870b7d23d7a4250d54f326f6c833170a258f05692cbfd26a6b7d2
e142ce7ba59d6170b4ce4611e66f60873abec66bf7b7cf523628910e6d65ef57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec02ebd76b0f2dfe10f10d0d734e7aba231d14204949d4e87bbd4ea0c8e78301
edf3d54213af78c582ebf2267d9d31599711c320b2e3285fddd58e5444dfc177
ee16bd232bc7dd4be54d648650848e3f2c99c7c2b50db6b22e66e2c536008af8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.helmsmantpa.com Open in urlscan Pro 2a02:26f0:1700:389::50a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

47 %IPv6

12 Domains

15 Subdomains

13 IPs

5 Countries

518 kBTransfer

1963 kBSize

14 Cookies

11 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.helmsmantpa.com Open in urlscan Pro
2a02:26f0:1700:389::50a Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

47 %
IPv6

12
Domains

15
Subdomains

13
IPs

5
Countries

518 kB
Transfer

1963 kB
Size

14
Cookies

49 HTTP transactions
0 data transactions