Submitted URL: https://t.sidekickopen77.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPdSD1CW4Y8ZcM2zGr7TTCPh91PWSrl103?te=W3R5hFj26QkG_W...
Effective URL: https://www.claimsdetective.com/
Submission: On September 19 via manual from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 92 HTTP transactions. The main IP is 95.217.236.5, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is www.claimsdetective.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 23rd 2022. Valid for: 3 months.
This is the only time www.claimsdetective.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 27 95.217.236.5 24940 (HETZNER-AS)
3 22 151.101.65.181 54113 (FASTLY)
4 18.66.15.6 16509 (AMAZON-02)
2 3.90.127.109 14618 (AMAZON-AES)
25 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 5 74.208.223.187 8560 (IONOS-AS ...)
5 5 2.18.169.211 16625 (AKAMAI-AS)
2 5 18.215.218.210 14618 (AMAZON-AES)
2 3 107.21.27.26 14618 (AMAZON-AES)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 2 2600:1f18:ed:... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.55.138.107 ()
1 2a04:4e42::485 ()
92 13
Apex Domain
Subdomains
Transfer
30 vidyard.com
play.vidyard.com — Cisco Umbrella Rank: 10104
cdn.vidyard.com — Cisco Umbrella Rank: 15837
assets.vidyard.com — Cisco Umbrella Rank: 21200
raw.vidyard.com
1 MB
27 claimsdetective.com
claimsdetective.com
www.claimsdetective.com
1 MB
25 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8803
va.tawk.to
217 KB
10 liadm.com
p.liadm.com — Cisco Umbrella Rank: 8531
i.liadm.com — Cisco Umbrella Rank: 604
i6.liadm.com — Cisco Umbrella Rank: 2194
4 KB
10 feedblitz.com
feedads.feedblitz.com — Cisco Umbrella Rank: 336307
spsec.feedblitz.com — Cisco Umbrella Rank: 326852
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
110 KB
2 mikle.com
feed.mikle.com — Cisco Umbrella Rank: 46704
6 KB
1 jsdelivr.net
cdn.jsdelivr.net
53 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
673 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
33 KB
1 sidekickopen77.com
t.sidekickopen77.com — Cisco Umbrella Rank: 930189
416 B
92 11
Domain Requested by
26 www.claimsdetective.com www.claimsdetective.com
feed.mikle.com
22 embed.tawk.to www.claimsdetective.com
embed.tawk.to
11 assets.vidyard.com play.vidyard.com
assets.vidyard.com
11 play.vidyard.com 3 redirects www.claimsdetective.com
play.vidyard.com
assets.vidyard.com
5 p.liadm.com 2 redirects feed.mikle.com
5 spsec.feedblitz.com 5 redirects
5 feedads.feedblitz.com 5 redirects
4 raw.vidyard.com assets.vidyard.com
4 cdn.vidyard.com www.claimsdetective.com
assets.vidyard.com
3 va.tawk.to embed.tawk.to
3 i.liadm.com 2 redirects feed.mikle.com
2 www.googletagmanager.com feed.mikle.com
www.googletagmanager.com
2 i6.liadm.com 1 redirects feed.mikle.com
2 feed.mikle.com www.claimsdetective.com
feed.mikle.com
1 cdn.jsdelivr.net embed.tawk.to
1 sync.mathtag.com 1 redirects
1 ajax.googleapis.com feed.mikle.com
1 claimsdetective.com 1 redirects
1 t.sidekickopen77.com 1 redirects
92 19

This site contains links to these domains. Also see Links.

Domain
detectives.mycase.com
claimsdetective.com
www.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
claimsdetective.com
cPanel, Inc. Certification Authority
2022-08-23 -
2022-11-21
3 months crt.sh
*.vidyard.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-12-24 -
2023-01-25
a year crt.sh
feed.mikle.com
AlphaSSL CA - SHA256 - G2
2022-04-12 -
2023-05-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-28 -
2023-05-28
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-21 -
2023-04-22
a year crt.sh

This page contains 7 frames:

Primary Page: https://www.claimsdetective.com/
Frame ID: A346B1F5DABBB20BF062ACD08DB80C01
Requests: 52 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Frame ID: 877C11525BD7159A83D715DF7437D99E
Requests: 12 HTTP requests in this frame

Frame: https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Frame ID: 668F215B6133CCAE57B729CF5509438D
Requests: 18 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/min-widget.css
Frame ID: 6B15C2EF60AED5DEDF78AEC4CA3CE18C
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/message-preview.css
Frame ID: 291E8AC5659B13510401657132DF50A8
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Frame ID: 068BBCC72771D4C139A6B4D3FE5FC985
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/max-widget.css
Frame ID: D4B1272F898967F137E912AC5F4DD73E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Claims Detective - Insurance Claims and Legal Defense Investigations

Page URL History Show full URLs

  1. https://t.sidekickopen77.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPdSD1CW4Y8ZcM2zGr7TTCPh91PWSrl1... HTTP 307
    http://claimsdetective.com/ HTTP 301
    https://www.claimsdetective.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

92
Requests

88 %
HTTPS

38 %
IPv6

11
Domains

19
Subdomains

13
IPs

5
Countries

2668 kB
Transfer

5180 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.sidekickopen77.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPdSD1CW4Y8ZcM2zGr7TTCPh91PWSrl103?te=W3R5hFj26QkG_W3ZSyGV4cHDgdW3K2B2X4kCBqm4mLXp1&si=8000000000170322&pi=fe057518-0924-4578-a591-787474c8a003 HTTP 307
    http://claimsdetective.com/ HTTP 301
    https://www.claimsdetective.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV.jpg HTTP 302
  • https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
Request Chain 30
  • https://feedads.feedblitz.com/i/marquee/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176036 HTTP 301
  • https://spsec.feedblitz.com/imp?s=176036&t=newsletter&layout=marquee&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f HTTP 301
  • https://p.liadm.com/imp?s=176036&t=newsletter&layout=marquee&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksjdepghqp6dsbm8zveh
Request Chain 31
  • https://feedads.feedblitz.com/i/1x1/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176037 HTTP 301
  • https://spsec.feedblitz.com/imp?s=176037&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f HTTP 301
  • https://p.liadm.com/imp?s=176037&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2kskap6g6ff24d68h8wwk HTTP 302
  • https://i.liadm.com/s/section/176037?m=4e7909bec1628e5f1fd85122fa948d5b&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&sh2=&source=safe_rtb HTTP 303
  • https://i.liadm.com/s/section/176037?sh2=&source=safe_rtb&m=4e7909bec1628e5f1fd85122fa948d5b&_li_chk=true&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&previous_uuid=5643985748a44a578dd5c3919768dc30 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F1267%2F0%2F7c377c6d7d3743c1be30be7bbc304b2a%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&56439857-48a4-4a57-8dd5-c3919768dc30 HTTP 302
  • https://i.liadm.com/s/e/1267/0/7c377c6d7d3743c1be30be7bbc304b2a?mpid=7156&muid=d0696329-007d-4200-b21f-0af1b750f52a
Request Chain 32
  • https://feedads.feedblitz.com/i/1x1/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176038 HTTP 301
  • https://spsec.feedblitz.com/imp?s=176038&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f HTTP 301
  • https://p.liadm.com/imp?s=176038&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm32x48w4s4hd477y34 HTTP 302
  • https://i6.liadm.com/s/section/176038?m=4e7909bec1628e5f1fd85122fa948d5b&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&sh2=&source=safe_rtb HTTP 303
  • https://i6.liadm.com/s/section/176038?sh2=&source=safe_rtb&m=4e7909bec1628e5f1fd85122fa948d5b&_li_chk=true&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&previous_uuid=bf23db4b2f984701b59de8448642dfa0
Request Chain 33
  • https://feedads.feedblitz.com/i/116x15/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176039 HTTP 301
  • https://spsec.feedblitz.com/imp?s=176039&t=newsletter&sz=116x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f HTTP 301
  • https://p.liadm.com/imp?s=176039&t=newsletter&sz=116x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm5gy24meh2t4ntqwa9
Request Chain 34
  • https://feedads.feedblitz.com/i/69x15/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176040 HTTP 301
  • https://spsec.feedblitz.com/imp?s=176040&t=newsletter&sz=69x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f HTTP 301
  • https://p.liadm.com/imp?s=176040&t=newsletter&sz=69x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm9arpbd9ssrc7jvpkx
Request Chain 53
  • https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV.jpg HTTP 302
  • https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
Request Chain 67
  • https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV.jpg HTTP 302
  • https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg

92 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.claimsdetective.com/
Redirect Chain
  • https://t.sidekickopen77.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPdSD1CW4Y8ZcM2zGr7TTCPh91PWSrl103?te=W3R5hFj26QkG_W3ZSyGV4cHDgdW3K2B2X4kCBqm4mLXp1&si=8000000000170322&pi=fe057518-0924-457...
  • http://claimsdetective.com/
  • https://www.claimsdetective.com/
12 KB
12 KB
Document
General
Full URL
https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
6ebabf91a17162b4ac8375f2838abd960d2455bebf7f7fd37efd0c54997b3013

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
12201
Content-Type
text/html
Date
Mon, 19 Sep 2022 23:51:21 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Sun, 28 Feb 2021 05:47:17 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
240
Content-Security-Policy
upgrade-insecure-requests;
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 19 Sep 2022 23:51:21 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.claimsdetective.com/
Server
Apache
style_new.css
www.claimsdetective.com/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://www.claimsdetective.com/css/style_new.css
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
0de5babc21782fddcaf73bc2fdba541184c45ecaf8e128f96505c10bbe16f2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Wed, 02 Jan 2019 14:51:29 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
9311
responsive.css
www.claimsdetective.com/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://www.claimsdetective.com/css/responsive.css
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
652494481337868517f82c3841b8031a4d6da09cc7195dc7cee10c7c846978e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:24:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9397
jquery-1.8.0.min.js
www.claimsdetective.com/js/
90 KB
91 KB
Script
General
Full URL
https://www.claimsdetective.com/js/jquery-1.8.0.min.js
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
1426dda2296f2b2b035320f291f8737b149bc52622084a20bdd2965997b49015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:31:07 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
92554
logo.png
www.claimsdetective.com/images/img/
51 KB
51 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/logo.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
ebc569a4e96471374d65424eec7b417f8e5b648b37fe26e5e0b40179d2cec766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:14 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
52224
banner.jpg
www.claimsdetective.com/images/img/
72 KB
73 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/banner.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
a508b5c8bb33a4e52c5551632028921d7384f32b7814ec5344ebf73c269f35cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Wed, 11 Mar 2020 22:15:37 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
74007
experience.png
www.claimsdetective.com/images/img/
2 KB
3 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/experience.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
d43fd2308e8f4d9c6e1b4450c9d4a6b69d3413fb0f90d3f77522911d82b9e754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:06 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2497
quality.png
www.claimsdetective.com/images/img/
5 KB
5 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/quality.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
6bc457c62de397a59ba1541ea02fff25efb1d12d35a16e58be7f3eaa22aee5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:15 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4890
price.png
www.claimsdetective.com/images/img/
3 KB
3 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/price.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
dac0551d364ab935176e4a2befd4919f8b9246b6880023c941df605159b521d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:14 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2899
v4.js
play.vidyard.com/embed/
70 KB
23 KB
Script
General
Full URL
https://play.vidyard.com/embed/v4.js
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa848ca39deb643644932e33c816c3c90d6a24eea2bd46c39e7df79451a177b7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:21 GMT
content-encoding
gzip
vary
X-China, accept-language, Accept-Encoding
age
1189156
x-cache
HIT
x-cache-hits
12
content-length
22949
x-served-by
cache-hhn4053-HHN
x-china
0
last-modified
Tue, 02 Aug 2022 19:57:00 GMT
etag
"d979332125bf1325ea3e8da540c94eb4"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
NybrcZu_ZxMWhoRwIp5oJw.jpg
cdn.vidyard.com/thumbnails/7180818/
Redirect Chain
  • https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV.jpg
  • https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
258 KB
259 KB
Image
General
Full URL
https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
H2
Server
18.66.15.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-6.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6265744ac2539517bec89432e9951d1e4785bf64e1c9ab0339396d12ad376d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:22 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
STANDARD_IA
content-length
263986
last-modified
Wed, 19 Feb 2020 17:58:20 GMT
server
AmazonS3
etag
"b6015c8baf69e2c92e456769b20b3d57"
vary
Origin
x-amz-version-id
AcTF_5ZANHu4MCu2d3XL0vpjtUV_i7ev
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
5LbfaLMMDNSWDVfW-JZRyocSFID0YuTJmF9HJ_Xq35ZbfiQBuihzYA==

Redirect headers

date
Mon, 19 Sep 2022 23:51:21 GMT
via
1.1 varnish
age
0
x-cache
MISS
strict-transport-security
max-age=31557600
content-length
91
x-served-by
cache-hhn4053-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631482.612535,VS0,VE203
location
https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
vary
Accept, X-China, accept-language
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
img1.jpg
www.claimsdetective.com/images/img/
12 KB
12 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/img1.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:07 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12446
img2.jpg
www.claimsdetective.com/images/img/
12 KB
12 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/img2.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:08 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
12446
img3.jpg
www.claimsdetective.com/images/img/
12 KB
12 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/img3.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:09 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
12446
img4.jpg
www.claimsdetective.com/images/img/
12 KB
12 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/img4.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:10 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
12446
img5.jpg
www.claimsdetective.com/images/img/
12 KB
12 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/img5.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:12 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
12446
img6.jpg
www.claimsdetective.com/images/img/
12 KB
12 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/img6.jpg
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:13 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12446
sponsor1.png
www.claimsdetective.com/images/img/
24 KB
24 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/sponsor1.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
d7d65b54d92a7432f13856f0461ce909f05f576347fba4c3281fdb6f13ed585f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
24783
sponor2.png
www.claimsdetective.com/images/img/
35 KB
35 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/sponor2.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
2a114a0fa64045bb8bfa5d0360170a84e846c879f2e8ee3366377e31e9ba3def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:15 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
35414
sponor3.png
www.claimsdetective.com/images/img/
35 KB
35 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/sponor3.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
5a4aa8af461d7623dd8af3e41f43fb34ec213bccbe08fc9e5d9cb899f701c81a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
35488
msg_icon.png
www.claimsdetective.com/images/img/
1 KB
1 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/msg_icon.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
033042b795972c6653c543b171ea8a7bb929c4a1ec25358cb7972e381e32bdc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/css/style_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:14 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1232
phone_icon.png
www.claimsdetective.com/images/img/
1 KB
1 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/phone_icon.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
e3d30decb80ba2113bb894f387354cd062daccef7bffb39e608b76bbda102f6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/css/style_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:15 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1244
fax_icon.png
www.claimsdetective.com/images/img/
1 KB
2 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/fax_icon.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
008e94b1f10e4a71ef60fea2f3b47115506d96897cc047746987a4f19d45783e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/css/style_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:06 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1294
lato-regular.ttf
www.claimsdetective.com/fonts/
642 KB
642 KB
Font
General
Full URL
https://www.claimsdetective.com/fonts/lato-regular.ttf
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780

Request headers

Referer
https://www.claimsdetective.com/css/style_new.css
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:27:08 GMT
Server
Apache
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
657212
rssmikle.js
feed.mikle.com/js/
7 KB
2 KB
Script
General
Full URL
https://feed.mikle.com/js/rssmikle.js
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.127.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-127-109.compute-1.amazonaws.com
Software
nginx/1.14.0 /
Resource Hash
bdb781a171f405a5db9daf0b775ba16e3d9d90a9ea84abf867c034eec36c22d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.claimsdetective.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 19 Sep 2022 23:51:22 GMT
content-encoding
gzip
last-modified
Wed, 30 May 2018 13:29:10 GMT
server
nginx/1.14.0
etag
W/"5b0ea726-1c39"
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
0
expires
Wed, 19 Oct 2022 23:51:22 GMT
arrw.png
www.claimsdetective.com/images/img/
1 KB
1 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/arrw.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
53d031477e0bc12fe4ebbdb23609ba6529b7e615fe60eae1aa147ff9b6f262d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/css/style_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1080
footer_social_icons.png
www.claimsdetective.com/images/img/
5 KB
5 KB
Image
General
Full URL
https://www.claimsdetective.com/images/img/footer_social_icons.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
b5f700d00d02520359f0cc984b39cf5e2df13879638436b1d74049fee4ad2a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/css/style_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:21 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:07 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
5224
/
feed.mikle.com/widget/ Frame 877C
14 KB
4 KB
Document
General
Full URL
https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/js/rssmikle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.127.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-127-109.compute-1.amazonaws.com
Software
nginx/1.14.0 /
Resource Hash
0dd67f75f7b0155f612b79656f5a63975a2231657200c611ecea326dd8674493
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.claimsdetective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 23:51:23 GMT
server
nginx/1.14.0
x-xss-protection
0
default
embed.tawk.to/5d5ab64beb1a6b0be6083d16/
2 KB
938 B
Script
General
Full URL
https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445e43eee8002fe6a9c4ee6bae646ef1a89c5bb24bc98d70ad3544e259bd0728
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"stable-v4-63258f417d7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63a9f1d6f9bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style_new.css
www.claimsdetective.com/css/ Frame 877C
9 KB
9 KB
Stylesheet
General
Full URL
https://www.claimsdetective.com/css/style_new.css
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
0de5babc21782fddcaf73bc2fdba541184c45ecaf8e128f96505c10bbe16f2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:23 GMT
Last-Modified
Wed, 02 Jan 2019 14:51:29 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
9311
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 877C
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 23:28:25 GMT
imp
p.liadm.com/ Frame 877C
Redirect Chain
  • https://feedads.feedblitz.com/i/marquee/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176036
  • https://spsec.feedblitz.com/imp?s=176036&t=newsletter&layout=marquee&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f
  • https://p.liadm.com/imp?s=176036&t=newsletter&layout=marquee&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=f...
70 B
262 B
Image
General
Full URL
https://p.liadm.com/imp?s=176036&t=newsletter&layout=marquee&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksjdepghqp6dsbm8zveh
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
HTTP/1.1
Server
18.215.218.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-218-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3f41691309fb9f9997fa4d5f28a02dbc8edacad3ed07f11972820d57afe250ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
70
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 23:51:24 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=176036&t=newsletter&layout=marquee&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksjdepghqp6dsbm8zveh
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 19 Sep 2022 23:51:24 GMT
7c377c6d7d3743c1be30be7bbc304b2a
i.liadm.com/s/e/1267/0/ Frame 877C
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176037
  • https://spsec.feedblitz.com/imp?s=176037&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f
  • https://p.liadm.com/imp?s=176037&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301b...
  • https://i.liadm.com/s/section/176037?m=4e7909bec1628e5f1fd85122fa948d5b&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&sh2=&source=safe_rtb
  • https://i.liadm.com/s/section/176037?sh2=&source=safe_rtb&m=4e7909bec1628e5f1fd85122fa948d5b&_li_chk=true&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&previous_uuid=5643985748a44a578dd5c3919768dc30
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F1267%2F0%2F7c377c6d7d3743c1be30be7bbc304b2a%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&56439857-48a4-4a57-8dd5-c3919...
  • https://i.liadm.com/s/e/1267/0/7c377c6d7d3743c1be30be7bbc304b2a?mpid=7156&muid=d0696329-007d-4200-b21f-0af1b750f52a
43 B
257 B
Image
General
Full URL
https://i.liadm.com/s/e/1267/0/7c377c6d7d3743c1be30be7bbc304b2a?mpid=7156&muid=d0696329-007d-4200-b21f-0af1b750f52a
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
HTTP/1.1
Server
107.21.27.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-27-26.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:26 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Mon, 19 Sep 2022 23:51:25 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/1267/0/7c377c6d7d3743c1be30be7bbc304b2a?mpid=7156&muid=d0696329-007d-4200-b21f-0af1b750f52a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 23:51:24 GMT
176038
i6.liadm.com/s/section/ Frame 877C
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176038
  • https://spsec.feedblitz.com/imp?s=176038&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f
  • https://p.liadm.com/imp?s=176038&t=newsletter&sz=1x1&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301b...
  • https://i6.liadm.com/s/section/176038?m=4e7909bec1628e5f1fd85122fa948d5b&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&sh2=&source=safe_rtb
  • https://i6.liadm.com/s/section/176038?sh2=&source=safe_rtb&m=4e7909bec1628e5f1fd85122fa948d5b&_li_chk=true&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&previous_uuid=bf23db4b2f984701b59de8448642dfa0
43 B
419 B
Image
General
Full URL
https://i6.liadm.com/s/section/176038?sh2=&source=safe_rtb&m=4e7909bec1628e5f1fd85122fa948d5b&_li_chk=true&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&previous_uuid=bf23db4b2f984701b59de8448642dfa0
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:d086:cb06:cbae:712b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:25 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
/s/section/176038?sh2=&source=safe_rtb&m=4e7909bec1628e5f1fd85122fa948d5b&_li_chk=true&sh1=cb83615b2045d56557f2e4a76cbb21d673930fff&previous_uuid=bf23db4b2f984701b59de8448642dfa0
Date
Mon, 19 Sep 2022 23:51:25 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
imp
p.liadm.com/ Frame 877C
Redirect Chain
  • https://feedads.feedblitz.com/i/116x15/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176039
  • https://spsec.feedblitz.com/imp?s=176039&t=newsletter&sz=116x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f
  • https://p.liadm.com/imp?s=176039&t=newsletter&sz=116x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc3...
50 B
242 B
Image
General
Full URL
https://p.liadm.com/imp?s=176039&t=newsletter&sz=116x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm5gy24meh2t4ntqwa9
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
HTTP/1.1
Server
18.215.218.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-218-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ce7f3ef4e134682f681e89457ce19125fcd9c185395b9af5e16bc0d804ac8e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 23:51:24 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=176039&t=newsletter&sz=116x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm5gy24meh2t4ntqwa9
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 19 Sep 2022 23:51:24 GMT
imp
p.liadm.com/ Frame 877C
Redirect Chain
  • https://feedads.feedblitz.com/i/69x15/374f7f1d4c3582bc2954e0218ab8998a/59919584/61bcdd3f615b1c4b12274331e3c3491f/oem/176040
  • https://spsec.feedblitz.com/imp?s=176040&t=newsletter&sz=69x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f
  • https://p.liadm.com/imp?s=176040&t=newsletter&sz=69x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc30...
48 B
240 B
Image
General
Full URL
https://p.liadm.com/imp?s=176040&t=newsletter&sz=69x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm9arpbd9ssrc7jvpkx
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
HTTP/1.1
Server
18.215.218.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-218-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0c6ff1957dce4ce68b1558740bdcc07ca8398a5f1259609e4c7ed6785d84e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
48
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 23:51:24 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=176040&t=newsletter&sz=69x15&li=59919584&m=4e7909bec1628e5f1fd85122fa948d5b&sh=cb83615b2045d56557f2e4a76cbb21d673930fff&p=61bcdd3f615b1c4b12274331e3c3491f&_lc2_fpi=fdbfc301baa5--01gdc2ksm9arpbd9ssrc7jvpkx
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 19 Sep 2022 23:51:24 GMT
gtm.js
www.googletagmanager.com/ Frame 877C
92 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXZ4MVV
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18980a3bb0fcabed1da83da3e8e15ab9f4def0db1a0493798676ace376e5fb28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36967
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 23:32:28 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 23:51:24 GMT
rss.png
www.claimsdetective.com/images/ Frame 877C
608 B
849 B
Image
General
Full URL
https://www.claimsdetective.com/images/rss.png
Requested by
Host: www.claimsdetective.com
URL: https://www.claimsdetective.com/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.217.236.5 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.claimsdetective.com
Software
Apache /
Resource Hash
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/css/style_new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 23:51:24 GMT
Last-Modified
Sat, 29 Dec 2018 23:28:02 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
608
lato-regular.ttf
www.claimsdetective.com/fonts/ Frame 877C
0
0

js
www.googletagmanager.com/gtag/ Frame 877C
210 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GL3X8DPJW3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXZ4MVV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7df1a9dfdfbe7e699356c3c9005ab8b463f7e6609ccceebfe0c6ad24f7ebfde7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:24 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75067
x-xss-protection
0
expires
Mon, 19 Sep 2022 23:51:24 GMT
JPwHHbPqZprmj2WFMK6AUV
play.vidyard.com/
0
2 KB
Other
General
Full URL
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
gzip
vary
X-China, accept-language, Accept-Encoding
age
0
x-cache
HIT
content-length
1466
x-served-by
cache-hhn4026-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631486.140745,VS0,VE178
etag
W/"dd7-EAitrJb5x3SZcXw/3B2ou3EIk3c"
strict-transport-security
max-age=31557600
content-type
text/html; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
JPwHHbPqZprmj2WFMK6AUV
play.vidyard.com/ Frame 668F
3 KB
2 KB
Document
General
Full URL
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b49a3eed998accdfa115921b38e0aad799a94ed530cdfcb45aba898f359a3985
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.claimsdetective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1466
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 23:51:26 GMT
etag
W/"dd7-EAitrJb5x3SZcXw/3B2ou3EIk3c"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31557600
vary
X-China, accept-language, Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-china
0
x-served-by
cache-hhn4053-HHN
x-timer
S1663631486.129593,VS0,VE189
style.js
play.vidyard.com/v4/JPwHHbPqZprmj2WFMK6AUV/
176 B
278 B
Script
General
Full URL
https://play.vidyard.com/v4/JPwHHbPqZprmj2WFMK6AUV/style.js?callback=window.VidyardV4.jsonp.style_JPwHHbPqZprmj2WFMK6AUV.done
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b7fd1db1c44ee85a60f0f70fe35191e306aaad8d69c31de62ce50947a82b852
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
vary
X-China, accept-language, Accept-Encoding
content-length
136
via
1.1 varnish
x-served-by
cache-hhn4053-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631486.129780,VS0,VE262
etag
W/"b0-500JGje/bNhWcWD2GJXKErPiozQ"
strict-transport-security
max-age=31557600
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
integrations.js
play.vidyard.com/v4/JPwHHbPqZprmj2WFMK6AUV/
176 B
261 B
Script
General
Full URL
https://play.vidyard.com/v4/JPwHHbPqZprmj2WFMK6AUV/integrations.js?callback=window.VidyardV4.jsonp.integrations_JPwHHbPqZprmj2WFMK6AUV.done
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a376e0a0271c07fe56757905c92da5571b868352b8fda6044d6e67269948ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
vary
X-China, accept-language, Accept-Encoding
content-length
132
via
1.1 varnish
x-served-by
cache-hhn4053-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631486.133441,VS0,VE310
etag
W/"b0-0U6c1XazWYGrjk5SgiuFH8naUpc"
strict-transport-security
max-age=31557600
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
details.js
play.vidyard.com/v4/JPwHHbPqZprmj2WFMK6AUV/
152 B
228 B
Script
General
Full URL
https://play.vidyard.com/v4/JPwHHbPqZprmj2WFMK6AUV/details.js?callback=window.VidyardV4.jsonp.details_JPwHHbPqZprmj2WFMK6AUV.done
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3ef0c4bcc14e556b4c4577a8856f1c0cb968a304bb9d8cd2a74ab266672df39
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
vary
X-China, accept-language, Accept-Encoding
content-length
115
via
1.1 varnish
x-served-by
cache-hhn4053-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631486.133417,VS0,VE305
etag
W/"98-ocHpVDLjkqtwVpcU5GqlIDVdveA"
strict-transport-security
max-age=31557600
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
twk-main.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
121 B
361 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63ab47a139bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-vendor.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63ab47a149bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
206 KB
61 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"81c2642aac0b88b6b237d279f5f8ce67"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63ab47a159bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-chunk-common.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
192 KB
40 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8aa8865f0996f9a34b51ec713b894bcd331308cf85a352a4f3c32d1f6364c98
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"c262969ff89da8a8b3994883a0f57085"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63ab47a169bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-runtime.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a380880c41d4cdd11dd066125259e83fcb3a7adcd43ef2a3c5a2f3524a75fd9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"31ca85b2b61bb42db4e40c2e9429f7dc"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63ab47a179bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-app.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
151 B
385 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d5ab64beb1a6b0be6083d16/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63ab47a189bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
runtime~main-93ba15eaeb58c05d33213b4b29232326.js
assets.vidyard.com/play/js/ Frame 668F
7 KB
2 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f0a71c5b44643d5129812c09f61fd0ec2854039a66ab1851911b8031da2ce1b

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530774
x-cache
HIT
content-length
2266
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:01 GMT
x-timer
S1663631486.386933,VS0,VE0
etag
"3e3b4544ae7aa6c578c46b4b7c128c66"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5357
main-0848513ab96834b7b8adae23e7926ac3.js
assets.vidyard.com/play/js/ Frame 668F
105 KB
14 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
7270208
x-cache
HIT
content-length
14298
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Mon, 27 Jun 2022 20:18:50 GMT
x-timer
S1663631486.386953,VS0,VE0
etag
"2ce8f04d821e84645ad08091b9f7ea27"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
14868
JPwHHbPqZprmj2WFMK6AUV.json
play.vidyard.com/player/ Frame 668F
5 KB
2 KB
Fetch
General
Full URL
https://play.vidyard.com/player/JPwHHbPqZprmj2WFMK6AUV.json?disable_popouts=1&v=4.3.10&type=inline
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b531efb7a9d67ac7d685f52810cfae56eb7149b073628fe2f1621fd14206b083
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
referrer
https://www.claimsdetective.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
gzip
vary
X-China, accept-language, Accept-Encoding
age
0
x-cache
MISS
content-length
2220
x-served-by
cache-hhn4053-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631486.420341,VS0,VE349
etag
W/"1433-h+KkJEPdeQJ+Enb5+FfAeyTyEUA"
strict-transport-security
max-age=31557600
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
NybrcZu_ZxMWhoRwIp5oJw.jpg
cdn.vidyard.com/thumbnails/7180818/
Redirect Chain
  • https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV.jpg
  • https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
258 KB
259 KB
Image
General
Full URL
https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
Protocol
H2
Server
18.66.15.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-6.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6265744ac2539517bec89432e9951d1e4785bf64e1c9ab0339396d12ad376d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:22 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-cdn
cloudfront
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
content-length
263986
last-modified
Wed, 19 Feb 2020 17:58:20 GMT
server
AmazonS3
etag
"b6015c8baf69e2c92e456769b20b3d57"
vary
Origin
x-amz-version-id
AcTF_5ZANHu4MCu2d3XL0vpjtUV_i7ev
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
QzJ88rjd56r760p-37qq2xmXgnQ5oB_G7ULpiixEqiyov12A4hnEmg==

Redirect headers

date
Mon, 19 Sep 2022 23:51:26 GMT
via
1.1 varnish
age
5
x-cache
HIT
strict-transport-security
max-age=31557600
content-length
91
x-served-by
cache-hhn4053-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631486.429547,VS0,VE0
location
https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
vary
Accept, X-China, accept-language
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
widget-settings
va.tawk.to/v1/
3 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5d5ab64beb1a6b0be6083d16&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea12d267c2c11d084c9bcfbd07ff64ef22e2ae2695d3d15d56c9e1bccd7ae940
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-mhqk
server
cloudflare
etag
W/"2-60-1"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
74d63ab72c099bb2-FRA
access-control-allow-headers
content-type,x-tawk-token
vendors~player~player-pomo~unreleased-8a13a06db3a658a9573f07a0bccb1eed.js
assets.vidyard.com/play/js/ Frame 668F
158 KB
41 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-8a13a06db3a658a9573f07a0bccb1eed.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0707f40feae4dd8129c8d27c2f78c65f7ebef33ce8c05c875cca4aaccdf1a0a0

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530773
x-cache
HIT
content-length
41543
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:01 GMT
x-timer
S1663631487.778035,VS0,VE0
etag
"9f1e8ef0c1ec0198999c7791ef9092c5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5220
vendors~access-code~player-pomo~whitelisted-embed-009e1d5d1a2746d95d11a6333f7bd6b5.js
assets.vidyard.com/play/js/ Frame 668F
102 KB
29 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-009e1d5d1a2746d95d11a6333f7bd6b5.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abb77a867a7bac44eddc527b0ef9c6925b0e5dc067fc16adae7a74e626515ce9

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
2863552
x-cache
HIT
content-length
29223
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Wed, 17 Aug 2022 20:24:40 GMT
x-timer
S1663631487.778223,VS0,VE0
etag
"077988535b048cf7116c6b49de360602"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
14406
vendors~player-pomo-52fe052c016aca18ede25f2814ea7232.js
assets.vidyard.com/play/js/ Frame 668F
613 KB
104 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~player-pomo-52fe052c016aca18ede25f2814ea7232.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
346ffbe1df0fea3aa3f3968c291687186f978ffdd6d322e6722a73652b59fd5c

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
2420562
x-cache
HIT
content-length
106459
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Mon, 22 Aug 2022 21:38:40 GMT
x-timer
S1663631487.778216,VS0,VE0
etag
"c0aadf6d7c2d6deefa0cd7e9f5040cd8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
14591
player-pomo-b445676c8703a6024e7ec6b5cf4c9a32.css
assets.vidyard.com/play/stylesheets/ Frame 668F
39 KB
8 KB
Stylesheet
General
Full URL
https://assets.vidyard.com/play/stylesheets/player-pomo-b445676c8703a6024e7ec6b5cf4c9a32.css
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
966c98c7cb34ac400291963ec879cc152b653a48126808150f98dc031e2db573

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530773
x-cache
HIT
content-length
7676
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:01 GMT
x-timer
S1663631487.778749,VS0,VE0
etag
"671899d93e62428c23089b3cb1aeef7d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5138
player-pomo-b445676c8703a6024e7ec6b5cf4c9a32.js
assets.vidyard.com/play/js/ Frame 668F
264 KB
52 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/player-pomo-b445676c8703a6024e7ec6b5cf4c9a32.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb7adc7a4d4c96abff54d0896e3882201e37c765f38872a33662420be0f5264f

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530773
x-cache
HIT
content-length
53494
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:00 GMT
x-timer
S1663631487.778871,VS0,VE0
etag
"9518ace95e16b1da9c8584c0288432fa"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5209
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.claimsdetective.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.claimsdetective.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d63ab8fe599bb2-FRA
date
Mon, 19 Sep 2022 23:51:27 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-mhqk
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54473e7020546840d1975b574d1440d82c9b44ca5e450f2cbad5c77f83db8f9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.claimsdetective.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
content-type,x-tawk-token
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.claimsdetective.com
access-control-allow-credentials
true
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
74d63aba8e40bb9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-jq5k
JPwHHbPqZprmj2WFMK6AUV
play.vidyard.com/video/ Frame 668F
181 B
294 B
XHR
General
Full URL
https://play.vidyard.com/video/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
454e79f8d90698cf94a85f294b9bb26af6f8bea5849a8871a0fce3fa6e32e420
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
gzip
vary
X-China, accept-language, Accept-Encoding
age
0
x-cache
MISS
content-length
165
x-served-by
cache-hhn4053-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631487.944901,VS0,VE237
etag
W/"b5-TGRacE49t3TADvtSQmrEs078Kg8"
strict-transport-security
max-age=31557600
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
assets.vidyard.com/play/js/ Frame 668F
438 KB
98 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b506149960b2fff2e53d7c4a5f77d61f4c6dde17727d57ce625325a6f8def0cf

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
1813997
x-cache
HIT
content-length
99844
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 26 Aug 2022 16:52:21 GMT
x-timer
S1663631487.955314,VS0,VE0
etag
"f49707c09cf7ee4b05a5a3fbb208269f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
14181
6-775cd811b7a2be50ac8fe441e5080991.css
assets.vidyard.com/play/stylesheets/ Frame 668F
181 B
276 B
Stylesheet
General
Full URL
https://assets.vidyard.com/play/stylesheets/6-775cd811b7a2be50ac8fe441e5080991.css
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530773
x-cache
HIT
content-length
103
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:01 GMT
x-timer
S1663631487.955448,VS0,VE0
etag
"5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5000
6-775cd811b7a2be50ac8fe441e5080991.js
assets.vidyard.com/play/js/ Frame 668F
13 KB
4 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/6-775cd811b7a2be50ac8fe441e5080991.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5fb5c0cddfccd7082e19db7e72fe29c8d3871b2360a673a938bd4c070f119e5c

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530773
x-cache
HIT
content-length
3643
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:00 GMT
x-timer
S1663631487.955594,VS0,VE0
etag
"26429fff78a151831e05e96b660026e6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5023
36-d197f9d0f42386cdc3f46ddfe969545b.js
assets.vidyard.com/play/js/ Frame 668F
4 KB
2 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/36-d197f9d0f42386cdc3f46ddfe969545b.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-93ba15eaeb58c05d33213b4b29232326.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f370a7bc7f5373900211ba3893ce00409e5b4d8f8b94d52f448a7e4dd55009bd

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
Origin
https://play.vidyard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:26 GMT
content-encoding
br
vary
Accept-Encoding
age
530774
x-cache
HIT
content-length
1428
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 13 Sep 2022 20:24:00 GMT
x-timer
S1663631487.955573,VS0,VE0
etag
"34ebc36dc5845089e76ca95d306d471a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
899
NybrcZu_ZxMWhoRwIp5oJw.jpg
cdn.vidyard.com/thumbnails/7180818/ Frame 668F
Redirect Chain
  • https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV.jpg
  • https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
258 KB
259 KB
Image
General
Full URL
https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
Protocol
H2
Server
18.66.15.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-6.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6265744ac2539517bec89432e9951d1e4785bf64e1c9ab0339396d12ad376d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:22 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-cdn
cloudfront
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
STANDARD_IA
content-length
263986
last-modified
Wed, 19 Feb 2020 17:58:20 GMT
server
AmazonS3
etag
"b6015c8baf69e2c92e456769b20b3d57"
vary
Origin
x-amz-version-id
AcTF_5ZANHu4MCu2d3XL0vpjtUV_i7ev
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
drmSAltlKIUjn-LRaH7HmKUUcj7kVhvBi7TI9mSa0R4456DXoG4caQ==

Redirect headers

date
Mon, 19 Sep 2022 23:51:26 GMT
via
1.1 varnish
age
5
x-cache
HIT
strict-transport-security
max-age=31557600
content-length
91
x-served-by
cache-hhn4053-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1663631487.968254,VS0,VE0
location
https://cdn.vidyard.com/thumbnails/7180818/NybrcZu_ZxMWhoRwIp5oJw.jpg
vary
Accept, X-China, accept-language
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
visitors
raw.vidyard.com/v2/ Frame
0
0
Preflight
General
Full URL
https://raw.vidyard.com/v2/visitors
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.138.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://play.vidyard.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Origin
access-control-allow-methods
POST, PUT
access-control-allow-origin
https://play.vidyard.com
access-control-max-age
86400
content-length
0
content-type
text/html;charset=utf-8
date
Mon, 19 Sep 2022 23:51:27 GMT
visitors
raw.vidyard.com/v2/ Frame 668F
50 B
195 B
XHR
General
Full URL
https://raw.vidyard.com/v2/visitors
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.138.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5d60cd3b9a427d5075fcc01bd239bda1cd3b4275823eca65dbc97af6dd86f6f

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://play.vidyard.com
date
Mon, 19 Sep 2022 23:51:27 GMT
x-vidyard-hostname
79b35cf441ea
content-length
50
content-type
application/json; charset=utf-8
master.m3u8
cdn.vidyard.com/media/hls/6uaGOt14ofarRjZk9yUUYg/,480p,sd,.mp4.urlset/ Frame 668F
282 B
634 B
XHR
General
Full URL
https://cdn.vidyard.com/media/hls/6uaGOt14ofarRjZk9yUUYg/,480p,sd,.mp4.urlset/master.m3u8?N0x7jYDOm6roTZ7tisHKx1Fj60oJXW8WWwQ-glEqgRZx3-risaQtAYrYH9JggHLTkyWFH82Kr_jOq9IvDcm5MC8wqnoRTjBP3DU1kNVOdnfbZBJ3AOS1H6kHmxQk5OIaoOhnbluAzLbCN1tQk-5EpxpZNEIBdR-nBuC3K2Pqh614y2dtROn5GDQ
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/7-264f8ea0dde8aed26f4c36cd5a46a5b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-6.vie50.r.cloudfront.net
Software
nginx/1.21.1 /
Resource Hash
6abd22edb22555377cdec816a18cabe3ae70a55f0f165d31f9b4f4b3a2f2f06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
via
1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
server
nginx/1.21.1
x-amz-cf-pop
VIE50-P1
etag
"-1-11a"
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
ETag,X-CDN
accept-ranges
bytes
content-length
282
x-cdn
cloudfront
x-amz-cf-id
o9YbZblfmFnScnJWOs7duTQc_JJRz7VjWYJmbb1JrxzlmIaQ_ej9YQ==
en.js
embed.tawk.to/_s/v4/app/63258f417d7/languages/
16 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224777
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"585ba00b2c167b90c210161454f843b5"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abb1effbb9d-FRA
player_loads
raw.vidyard.com/v2/ Frame 668F
68 B
213 B
XHR
General
Full URL
https://raw.vidyard.com/v2/player_loads
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.138.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
12039f6ee8f7da16181e20d468c585a3a17d473a71fe39ce99bf5ee613afd7c7

Request headers

Referer
https://play.vidyard.com/JPwHHbPqZprmj2WFMK6AUV?disable_popouts=1&v=4.3.10&type=inline
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://play.vidyard.com
date
Mon, 19 Sep 2022 23:51:27 GMT
x-vidyard-hostname
0485b930b40f
content-length
68
content-type
application/json; charset=utf-8
player_loads
raw.vidyard.com/v2/ Frame
0
0
Preflight
General
Full URL
https://raw.vidyard.com/v2/player_loads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.138.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://play.vidyard.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Origin
access-control-allow-methods
POST, PUT
access-control-allow-origin
https://play.vidyard.com
access-control-max-age
86400
content-length
0
content-type
text/html;charset=utf-8
date
Mon, 19 Sep 2022 23:51:27 GMT
twk-chunk-2c78ba82.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224779
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"fac25ff2d2c405e1ac7e156dca1f819c"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd1924bb9d-FRA
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48abd4d8ecd9dc9c337b14e080423d47f6f2b714f64bdaf921983dfbd7a7772
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224779
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"c81a87996906c622b790a270c6d55ad1"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd1927bb9d-FRA
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
10 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1008daa24a6d7118d7fe965e27c87c59712d82b7a086dbd650abb7d39e022a70
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"58caeed4847c71d5d56ff03a611a735e"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd1929bb9d-FRA
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
15 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa50ebeb92ccf6186dae94ac83247865552a11b3a047434b79c773db1c91cbba
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"9d3c0030a62cf4f69093a0aea511a136"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd192abb9d-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
942 B
714 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224779
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd192cbb9d-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
546 B
604 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224779
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd192dbb9d-FRA
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"a92075fd9ac5ba130387a80453676099"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd192ebb9d-FRA
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/63258f417d7/js/
72 KB
16 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-32507910.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edf7ed3d497d8bc99ab6a4433739664726da6423c0a4f9c7686c83296666703
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"f10a53c04ef8191d522983c590674d5a"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd192fbb9d-FRA
min-widget.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame 6B15
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
cf-polished
origSize=24960
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:02 GMT
server
cloudflare
etag
W/"80df9814fe6b98404ccc1df3c455ceaa"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd5969bb9d-FRA
cf-bgj
minify
message-preview.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame 291E
37 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
cf-polished
origSize=38268
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"949ecc85ac578750ec9a03e5680f7b0e"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd697cbb9d-FRA
cf-bgj
minify
bubble-widget.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame 068B
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224778
cf-polished
origSize=13594
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:02 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd8995bb9d-FRA
cf-bgj
minify
max-widget.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame D4B1
74 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
224777
cf-polished
origSize=75771
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:02 GMT
server
cloudflare
etag
W/"0158db159e8967dbda5865ed6b2e435d"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abd99b4bb9d-FRA
cf-bgj
minify
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.claimsdetective.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
15777844
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19135-FRA, cache-hhn4057-HHN
date
Mon, 19 Sep 2022 23:51:27 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
31-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 068B
2 KB
1 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/31-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb9b7f5cfce50517c5dbda932dcc41331d29765a0af3f3d8172b5b380cdcc94
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2469305
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:18 GMT
server
cloudflare
etag
W/"354b0d356a926b16bbac81dff9f10b6c"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
74d63abdc9cfbb9d-FRA
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 068B
10 KB
11 KB
Font
General
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Origin
https://www.claimsdetective.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:51:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10520
last-modified
Sat, 22 May 2021 07:25:13 GMT
server
cloudflare
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
accept-ranges
bytes
cf-ray
74d63abdc9fa9bf4-FRA
v3
va.tawk.to/log-performance/
0
0

v3
va.tawk.to/log-performance/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.claimsdetective.com
URL
https://www.claimsdetective.com/fonts/lato-regular.ttf
Domain
va.tawk.to
URL
https://va.tawk.to/log-performance/v3
Domain
va.tawk.to
URL
https://va.tawk.to/log-performance/v3

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| vidyardEmbed function| setImmediate function| clearImmediate object| VidyardV4 object| Vidyard function| feedwind_show_widget_iframe object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp

4 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgUIBhCkEw
.t.sidekickopen77.com/ Name: _hetc
Value: 969f756b-f742-4035-8fb8-d16b9a945283|1663631481016|ACOD57cwLAIUCArzTSyn8Is5DijfyIVtKkL8XjwCFGceP1CY/zunGWNoDO9F9rekDJDf
.liadm.com/ Name: lidid
Value: bf23db4b-2f98-4701-b59d-e8448642dfa0
.mathtag.com/ Name: uuid
Value: d0696329-007d-4200-b21f-0af1b750f52a

5 Console Messages

Source Level URL
Text
javascript warning URL: https://www.claimsdetective.com/(Line 264)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://feed.mikle.com/js/rssmikle.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.claimsdetective.com/(Line 264)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://feed.mikle.com/js/rssmikle.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://feed.mikle.com/widget/?rssmikle_url=http%3A%2F%2Fwww.claimsjournal.com%2Frss%2Fnews&rssmikle_frame_width=100%25&rssmikle_frame_height=283&frame_height_by_article=0&rssmikle_target=_blank&rssmikle_font=Arial%2C%20Helvetica%2C%20sans-serif&rssmikle_font_size=12&rssmikle_border=off&responsive=off&rssmikle_css_url=https%3A%2F%2Fwww.claimsdetective.com%2Fcss%2Fstyle_new.css&text_align=left&text_align2=left&corner=off&scrollbar=off&autoscroll=off&scrolldirection=up&scrollstep=3&mcspeed=20&sort=New&rssmikle_title=on&rssmikle_title_sentence=%20Claims%20Journal%20News%20&rssmikle_title_bgcolor=%232A2A2A&rssmikle_title_color=%23FFFFFF&rssmikle_item_bgcolor=%232A2A2A&rssmikle_item_title_length=55&rssmikle_item_title_color=%238A8A8A&rssmikle_item_border_bottom=off&rssmikle_item_description=title_only&item_link=off&rssmikle_item_description_length=150&rssmikle_item_description_color=%23666666&rssmikle_item_date=off&rssmikle_timezone=Etc%2FGMT&datetime_format=%25b%20%25e%2C%20%25Y%20%25l%3A%25M%20%25p&item_description_style=text&item_thumbnail=full&item_thumbnail_selection=auto&article_num=7&rssmikle_item_podcast=off&
Message:
Access to font at 'https://www.claimsdetective.com/fonts/lato-regular.ttf' from origin 'https://feed.mikle.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.claimsdetective.com/fonts/lato-regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://play.vidyard.com/embed/v4.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.vidyard.com
cdn.jsdelivr.net
cdn.vidyard.com
claimsdetective.com
embed.tawk.to
feed.mikle.com
feedads.feedblitz.com
i.liadm.com
i6.liadm.com
p.liadm.com
play.vidyard.com
raw.vidyard.com
spsec.feedblitz.com
sync.mathtag.com
t.sidekickopen77.com
va.tawk.to
www.claimsdetective.com
www.googletagmanager.com
va.tawk.to
www.claimsdetective.com
107.21.27.26
151.101.65.181
18.215.218.210
18.66.15.6
185.29.134.248
2.18.169.211
2600:1f18:ed:550e:d086:cb06:cbae:712b
2606:4700:10::6816:1883
2606:4700::6812:815
2a00:1450:4001:802::2008
2a00:1450:4001:82a::200a
2a04:4e42::485
3.90.127.109
52.55.138.107
74.208.223.187
95.217.236.5
008e94b1f10e4a71ef60fea2f3b47115506d96897cc047746987a4f19d45783e
033042b795972c6653c543b171ea8a7bb929c4a1ec25358cb7972e381e32bdc6
0707f40feae4dd8129c8d27c2f78c65f7ebef33ce8c05c875cca4aaccdf1a0a0
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0c6ff1957dce4ce68b1558740bdcc07ca8398a5f1259609e4c7ed6785d84e361
0dd67f75f7b0155f612b79656f5a63975a2231657200c611ecea326dd8674493
0de5babc21782fddcaf73bc2fdba541184c45ecaf8e128f96505c10bbe16f2b9
1008daa24a6d7118d7fe965e27c87c59712d82b7a086dbd650abb7d39e022a70
12039f6ee8f7da16181e20d468c585a3a17d473a71fe39ce99bf5ee613afd7c7
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1426dda2296f2b2b035320f291f8737b149bc52622084a20bdd2965997b49015
18980a3bb0fcabed1da83da3e8e15ab9f4def0db1a0493798676ace376e5fb28
2a114a0fa64045bb8bfa5d0360170a84e846c879f2e8ee3366377e31e9ba3def
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
346ffbe1df0fea3aa3f3968c291687186f978ffdd6d322e6722a73652b59fd5c
3a376e0a0271c07fe56757905c92da5571b868352b8fda6044d6e67269948ac1
3f0a71c5b44643d5129812c09f61fd0ec2854039a66ab1851911b8031da2ce1b
3f41691309fb9f9997fa4d5f28a02dbc8edacad3ed07f11972820d57afe250ee
445e43eee8002fe6a9c4ee6bae646ef1a89c5bb24bc98d70ad3544e259bd0728
454e79f8d90698cf94a85f294b9bb26af6f8bea5849a8871a0fce3fa6e32e420
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
53d031477e0bc12fe4ebbdb23609ba6529b7e615fe60eae1aa147ff9b6f262d9
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5a4aa8af461d7623dd8af3e41f43fb34ec213bccbe08fc9e5d9cb899f701c81a
5f99561a2ae1da54e457450c40f45b5521f45bbb2652f6fe976d6c7aa0b42efc
5fb5c0cddfccd7082e19db7e72fe29c8d3871b2360a673a938bd4c070f119e5c
6265744ac2539517bec89432e9951d1e4785bf64e1c9ab0339396d12ad376d2d
652494481337868517f82c3841b8031a4d6da09cc7195dc7cee10c7c846978e5
6abd22edb22555377cdec816a18cabe3ae70a55f0f165d31f9b4f4b3a2f2f06c
6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8
6bc457c62de397a59ba1541ea02fff25efb1d12d35a16e58be7f3eaa22aee5c8
6ebabf91a17162b4ac8375f2838abd960d2455bebf7f7fd37efd0c54997b3013
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7a380880c41d4cdd11dd066125259e83fcb3a7adcd43ef2a3c5a2f3524a75fd9
7df1a9dfdfbe7e699356c3c9005ab8b463f7e6609ccceebfe0c6ad24f7ebfde7
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b7fd1db1c44ee85a60f0f70fe35191e306aaad8d69c31de62ce50947a82b852
8edf7ed3d497d8bc99ab6a4433739664726da6423c0a4f9c7686c83296666703
966c98c7cb34ac400291963ec879cc152b653a48126808150f98dc031e2db573
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
9eb9b7f5cfce50517c5dbda932dcc41331d29765a0af3f3d8172b5b380cdcc94
a508b5c8bb33a4e52c5551632028921d7384f32b7814ec5344ebf73c269f35cd
a5d60cd3b9a427d5075fcc01bd239bda1cd3b4275823eca65dbc97af6dd86f6f
aa848ca39deb643644932e33c816c3c90d6a24eea2bd46c39e7df79451a177b7
abb77a867a7bac44eddc527b0ef9c6925b0e5dc067fc16adae7a74e626515ce9
b49a3eed998accdfa115921b38e0aad799a94ed530cdfcb45aba898f359a3985
b506149960b2fff2e53d7c4a5f77d61f4c6dde17727d57ce625325a6f8def0cf
b531efb7a9d67ac7d685f52810cfae56eb7149b073628fe2f1621fd14206b083
b5f700d00d02520359f0cc984b39cf5e2df13879638436b1d74049fee4ad2a48
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
b8aa8865f0996f9a34b51ec713b894bcd331308cf85a352a4f3c32d1f6364c98
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
bdb781a171f405a5db9daf0b775ba16e3d9d90a9ea84abf867c034eec36c22d4
c54473e7020546840d1975b574d1440d82c9b44ca5e450f2cbad5c77f83db8f9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb7adc7a4d4c96abff54d0896e3882201e37c765f38872a33662420be0f5264f
ce7f3ef4e134682f681e89457ce19125fcd9c185395b9af5e16bc0d804ac8e74
d43fd2308e8f4d9c6e1b4450c9d4a6b69d3413fb0f90d3f77522911d82b9e754
d48abd4d8ecd9dc9c337b14e080423d47f6f2b714f64bdaf921983dfbd7a7772
d7d65b54d92a7432f13856f0461ce909f05f576347fba4c3281fdb6f13ed585f
dac0551d364ab935176e4a2befd4919f8b9246b6880023c941df605159b521d1
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d30decb80ba2113bb894f387354cd062daccef7bffb39e608b76bbda102f6d
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ea12d267c2c11d084c9bcfbd07ff64ef22e2ae2695d3d15d56c9e1bccd7ae940
ebc569a4e96471374d65424eec7b417f8e5b648b37fe26e5e0b40179d2cec766
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f370a7bc7f5373900211ba3893ce00409e5b4d8f8b94d52f448a7e4dd55009bd
f3ef0c4bcc14e556b4c4577a8856f1c0cb968a304bb9d8cd2a74ab266672df39
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fa50ebeb92ccf6186dae94ac83247865552a11b3a047434b79c773db1c91cbba
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867