urlscan.io logo urlscan.io
SecurityTrails logo

stayonautopay.travelers.com Open in urlscan Pro
66.6.117.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://travelers.com/StayOnAutoPay
Effective URL: https://stayonautopay.travelers.com/
Submission: On March 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 66.6.117.35, located in Shawnee, United States and belongs to LIGHTEDGE-AS-02, US. The main domain is stayonautopay.travelers.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on June 4th 2021. Valid for: a year.
This is the only time stayonautopay.travelers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 170.202.248.56 17166 (TRAVELERS...)
1 1 104.111.214.40 16625 (AKAMAI-AS)
8 66.6.117.35 11320 (LIGHTEDGE...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 6
2    170.202.248.56 (United States)

ASN17166 (TRAVELERSPCAS, US)
travelers.com
1    104.111.214.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-40.deploy.static.akamaitechnologies.com
www.travelers.com
8    66.6.117.35 (Shawnee, United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: cnr35.assocplus.com
stayonautopay.travelers.com
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 travelers.com
travelers.com — Cisco Umbrella Rank: 45347
www.travelers.com — Cisco Umbrella Rank: 61821
stayonautopay.travelers.com
461 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
489 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 251
31 KB
21 4
Domain Requested by
8 stayonautopay.travelers.com stayonautopay.travelers.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com stayonautopay.travelers.com
www.gstatic.com
www.google.com
2 ajax.googleapis.com stayonautopay.travelers.com
2 travelers.com 2 redirects
1 fonts.gstatic.com www.google.com
1 www.travelers.com 1 redirects
21 7

This site contains links to these domains. Also see Links.

Domain
www.travelers.com
Subject Issuer Validity Valid
stayonautopay.travelers.com
Entrust Certification Authority - L1M		 2021-06-04 -
2022-06-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://stayonautopay.travelers.com/
Frame ID: 3B71E36EDEFBAB514BBD62BFBEA177C0
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
Frame ID: 56914BE5278D6240D54FF0457B71B72C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm
Frame ID: 70DA985B879A5A0ABBC1CE0F3A2B88FC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

StayOnAutoPay

Page URL History Show full URLs

  1. http://travelers.com/StayOnAutoPay HTTP 302
    https://travelers.com/StayOnAutoPay HTTP 301
    https://www.travelers.com/StayOnAutoPay HTTP 302
    https://stayonautopay.travelers.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

21
Requests

100 %
HTTPS

57 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

1004 kB
Transfer

3653 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://travelers.com/StayOnAutoPay HTTP 302
    https://travelers.com/StayOnAutoPay HTTP 301
    https://www.travelers.com/StayOnAutoPay HTTP 302
    https://stayonautopay.travelers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
stayonautopay.travelers.com/
Redirect Chain
  • http://travelers.com/StayOnAutoPay
  • https://travelers.com/StayOnAutoPay
  • https://www.travelers.com/StayOnAutoPay
  • https://stayonautopay.travelers.com/
490 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
65e7deaec9ea5da70af99724bce951801034a6a923c7e6ccbc76b264087202dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Accept-Ranges
none
Date
Wed, 02 Mar 2022 15:15:13 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
97014
Content-Type
text/html

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
Location
https://stayonautopay.travelers.com
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-OneAgent-JS-Injection
true
X-ruxit-JS-Agent
true
Server-Timing
dtRpid;desc="-1279718257"
Content-Length
158
Date
Wed, 02 Mar 2022 15:15:11 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
sameorigin
Feature-Policy
fullscreen 'none'
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data:
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d78ee501fd3af17e979356da8b12261e4647ea87c01df316a742de9deb090eda
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 15:15:13 GMT
a5-72955548.js
stayonautopay.travelers.com/javascript/ 		2 MB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stayonautopay.travelers.com/javascript/a5-72955548.js
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
934efc7c2557fd5868160bcaebc6277b557371ef6ef087d227b79bd609775fe2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 Dec 2020 11:46:02 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
355158
a5_url.js
stayonautopay.travelers.com/javascript/ 		42 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stayonautopay.travelers.com/javascript/a5_url.js
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
3217c26a892c85475c97cd5e230c22bc693f377bd20d09cad1b543262b2c8698

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 Dec 2020 11:46:02 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
58
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 07:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Feb 2023 07:41:57 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/3.5.1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/3.5.1/jquery-ui.min.js
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
style.css
stayonautopay.travelers.com/css/TravEFT/ 		64 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stayonautopay.travelers.com/css/TravEFT/style.css?buildcount_33
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
d548ccd9d9ffb8765c31b8575ec603f5cb1516cf549630e86933a362e978fae5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 19:03:40 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
7053
style.js
stayonautopay.travelers.com/css/TravEFT/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stayonautopay.travelers.com/css/TravEFT/style.js?buildcount_33
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
5145f1e6554c7af3898a90ca67886c601c89de4afa45a6190315da7d9d04c1e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 19:03:40 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
2795
style.css
stayonautopay.travelers.com/css/_sharedStyles/ 		4 B
406 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stayonautopay.travelers.com/css/_sharedStyles/style.css?buildcount_33
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 14:39:40 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
24
trav-logo-sm@2x.png
stayonautopay.travelers.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stayonautopay.travelers.com/trav-logo-sm@2x.png
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
8d99e57bcb667148a39b7e19ed4597db2ad86bbb6ae106cbe4656dac744430fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 19:03:12 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
4872
error-icon@1x.png
stayonautopay.travelers.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stayonautopay.travelers.com/error-icon@1x.png
Requested by
Host: stayonautopay.travelers.com
URL: https://stayonautopay.travelers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.117.35 Shawnee, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
cnr35.assocplus.com
Software
Alpha Anywhere Application Server/12.0 Build/7295-5548 /
Resource Hash
1fa4f9dedf88006bdd996972c859ad02df6a3ffc2c89dde82c2dccbc79e8bbb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 15:15:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 19:03:12 GMT
Server
Alpha Anywhere Application Server/12.0 Build/7295-5548
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Length
694
recaptcha__de.js
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ 		357 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stayonautopay.travelers.com/
Origin
https://stayonautopay.travelers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144239
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 21:22:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:54:43 GMT
truncated
/ 		81 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f4c8b83d850d4e8da3c5fa5b9006f10d0c0cf2c8e91ff214335935556015184

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
anchor
www.google.com/recaptcha/api2/ Frame 5691 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eaa31998de2c3b906f90a7987b98d3737b4b9e4897c90e909094c8a9a21f0b43
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q5H7Gf42pdh1niNmqW6GVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 02 Mar 2022 15:15:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-q5H7Gf42pdh1niNmqW6GVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22844
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 5691 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 13:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 21:22:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 13:00:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 5691 		357 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144239
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 21:22:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:54:43 GMT
truncated
/ Frame 5691 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5691 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5691 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
age
72927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 08 Mar 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5691 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
79714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5691 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89567d8c6d40b4b724c621cd789d46041d7312ca07647afd0f8ce3939e3631cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm&co=aHR0cHM6Ly9zdGF5b25hdXRvcGF5LnRyYXZlbGVycy5jb206NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=u9hmgy7ykwet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 15:15:15 GMT
bframe
www.google.com/recaptcha/api2/ Frame 70DA 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83363570c3c9a1aec523c81ab520a9f02a084714afbf3bd85a4f88b773552e14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/ev4ScLTuHeB27ZRyYKS0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stayonautopay.travelers.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 02 Mar 2022 15:15:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-/ev4ScLTuHeB27ZRyYKS0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 70DA 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 13:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 21:22:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 13:00:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 70DA 		357 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6Lf4iagZAAAAAOmPUnNHTVTXs7GhtI8xsEz2vxtm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144239
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 21:22:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:54:43 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| $ function| $n function| $isChild function| $cetp function| $ae function| $re function| $ga function| $sa function| $gv function| $gvs function| $sv function| $svs function| $gvById function| $svById function| $gs function| $ss function| $scn function| $acn function| $rcn function| $cdn function| $swto function| $sor function| $gpt function| $gpl function| $po object| Class function| $if object| $u object| $e object| $a object| AUI object| A5 undefined| ua function| a5_AJAX_GridAction function| a5_AJAX_GridSubmit function| a5_AJAX_Form function| a5_AJAX_Form_SetFocus function| a5_AJAX_Form_SetDirty function| a5_AJAX_Form_SetDirtyControl function| a5_AJAX_Form_ErrorsSet function| a5_AJAX_Form_ErrorsClear function| a5_AJAX_FormPrepare function| a5_AJAX_Callback function| a5_AJAX_Form_populateSelect function| a5_AJAX_Form_RegionHarvest function| a5_AJAX_Form_SubmitValueParam function| urlencode function| a5_AJAX_FormReset object| a5_msg_box function| load_date_picker function| fill_calendar function| prev_month function| prev_year function| next_month function| next_year function| set_date function| hide_calendar_evnt function| hide_calendar function| get_num_month function| get_chr_month function| Report function| $f function| closeParentA5Window function| closeLastOpenedA5Window function| randId function| getTabbedUI function| A5DataArrayToObject function| A5FindPropInArray function| A5FindPropInArray2 function| A5FilterPropertyArray function| A5ValidateNumber function| A5ArrayMove function| A5RemoveHTMLWrapper function| HTMLesc function| a5_layout_cont_bands function| a5_layout_cont_singlebands function| a5_layout_cont_singlebands_onload function| a5_layout_cont_tabs function| a5_layout_cont_genie function| klass function| a5_AJAX_autoSuggest function| a5_AJAX_editCombo function| a5_AJAX_tree function| a5_AJAX_window function| a5_AJAX_accordion function| a5_AJAX_tab function| a5_AJAX_genie function| a5_AJAX_repeatingForm function| $JS function| calcURL function| jQuery object| TRAVEFTLOG_DlgObj boolean| ele string| o2 function| verifyReCaptcha object| RGraph function| $p function| $$a function| $cl function| __preventDefault string| colType object| tempOrigVal object| dataObj object| closure_lm_968433 boolean| flagStopOnFirstTrue

3 Cookies

Domain/Path Name / Value
www.travelers.com/ Name: .AspNetCore.Culture
Value: c=en-US|uic=en-US
.travelers.com/ Name: dtCookie
Value: v_4_srv_3_sn_D3157D0E66E2B80191AE97FFB254BE22_perc_100000_ol_0_mul_1_rcs-3Acss_0
stayonautopay.travelers.com/ Name: A5WSessionId
Value: 7fa80d4544b94781ba5ad873f4263ddd

1 Console Messages

Source Level URL
Text
network error URL: https://ajax.googleapis.com/ajax/libs/jqueryui/3.5.1/jquery-ui.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.gstatic.com
stayonautopay.travelers.com
travelers.com
www.google.com
www.gstatic.com
www.travelers.com
104.111.214.40
170.202.248.56
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2003
2a00:1450:4001:829::200a
66.6.117.35
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fa4f9dedf88006bdd996972c859ad02df6a3ffc2c89dde82c2dccbc79e8bbb6
3217c26a892c85475c97cd5e230c22bc693f377bd20d09cad1b543262b2c8698
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
5145f1e6554c7af3898a90ca67886c601c89de4afa45a6190315da7d9d04c1e4
65e7deaec9ea5da70af99724bce951801034a6a923c7e6ccbc76b264087202dd
7f4c8b83d850d4e8da3c5fa5b9006f10d0c0cf2c8e91ff214335935556015184
83363570c3c9a1aec523c81ab520a9f02a084714afbf3bd85a4f88b773552e14
89567d8c6d40b4b724c621cd789d46041d7312ca07647afd0f8ce3939e3631cc
8d99e57bcb667148a39b7e19ed4597db2ad86bbb6ae106cbe4656dac744430fd
934efc7c2557fd5868160bcaebc6277b557371ef6ef087d227b79bd609775fe2
d548ccd9d9ffb8765c31b8575ec603f5cb1516cf549630e86933a362e978fae5
d78ee501fd3af17e979356da8b12261e4647ea87c01df316a742de9deb090eda
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563
eaa31998de2c3b906f90a7987b98d3737b4b9e4897c90e909094c8a9a21f0b43
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d