urlscan.io logo urlscan.io
SecurityTrails logo

pages.travelers.com Open in urlscan Pro
13.111.116.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.travelers.com/?qs=2bf365d5a83d0dee1b9c9ece1306d09a8e7f92e1d6ab8cfc52561220b41f374344bc6f3c21bbbf233082695b0b46...
Effective URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_...
Submission: On May 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 42 HTTP transactions. The main IP is 13.111.116.222, located in United States and belongs to EXACT-7, US. The main domain is pages.travelers.com. The Cisco Umbrella rank of the primary domain is 831500.
This is the only time pages.travelers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.134.72 22606 (EXACT-7)
1 13.111.116.222 22606 (EXACT-7)
2 104.102.22.67 16625 (AKAMAI-AS)
1 13.111.116.223 22606 (EXACT-7)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
8 2a02:26f0:710... 20940 (AKAMAI-ASN1)
7 2600:9000:223... 16509 (AMAZON-02)
6 6 2600:9000:223... 16509 (AMAZON-02)
1 13.32.118.181 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.194.90.16 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.69 16509 (AMAZON-02)
1 2.23.209.171 20940 (AKAMAI-ASN1)
1 108.138.15.119 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.96.71.22 396982 (GOOGLE-CL...)
1 35.244.174.68 15169 (GOOGLE)
1 18.66.97.57 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 69.173.144.165 26667 (RUBICONPR...)
1 52.223.40.198 16509 (AMAZON-02)
1 52.20.75.109 14618 (AMAZON-AES)
42 24
1    13.111.134.72 (United States)

ASN22606 (EXACT-7, US)
PTR: click.email.travelers.com
click.email.travelers.com
1    13.111.116.222 (United States)

ASN22606 (EXACT-7, US)
PTR: pages.travelers.com
pages.travelers.com
2    104.102.22.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-22-67.deploy.static.akamaitechnologies.com
www.travelers.com
1    13.111.116.223 (United States)

ASN22606 (EXACT-7, US)
PTR: cloud.email.travelers.com
cloud.email.travelers.com
3    2a02:26f0:7100:195::1c65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.email.travelers.com
8    2a02:26f0:7100:18a::1c65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.email.travelers.com
7    2600:9000:223e:bc00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
6    2600:9000:223e:6c00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    13.32.118.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-181.fra60.r.cloudfront.net
d31y97ze264gaa.cloudfront.net
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    44.194.90.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-90-16.compute-1.amazonaws.com
st1.dialogtech.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.32.27.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-69.fra56.r.cloudfront.net
scripts.demandbase.com
1    2.23.209.171 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-171.deploy.static.akamaitechnologies.com
service.maxymiser.net
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    18.66.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-57.fra56.r.cloudfront.net
api.company-target.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2600:1f18:612b:4280:cf99:3e16:9b41:8e25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    52.20.75.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-75-109.compute-1.amazonaws.com
st2.dialogtech.com
Apex Domain
Subdomains		 Transfer
16 travelers.com
click.email.travelers.com — Cisco Umbrella Rank: 80202
pages.travelers.com — Cisco Umbrella Rank: 831500
www.travelers.com — Cisco Umbrella Rank: 64618
cloud.email.travelers.com
image.email.travelers.com — Cisco Umbrella Rank: 79460
684 KB
13 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1027
25 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
2 KB
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1528
api.company-target.com — Cisco Umbrella Rank: 3147
3 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1353
insight.adsrvr.org — Cisco Umbrella Rank: 522
3 KB
2 dialogtech.com
st1.dialogtech.com — Cisco Umbrella Rank: 23693
st2.dialogtech.com — Cisco Umbrella Rank: 29837
1007 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
239 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1013
392 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6080
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 629
98 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
351 B
1 maxymiser.net
service.maxymiser.net — Cisco Umbrella Rank: 8513
6 KB
1 demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 9243
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
46 KB
1 cloudfront.net
d31y97ze264gaa.cloudfront.net
26 KB
42 17
Domain Requested by
13 tags.tiqcdn.com 6 redirects pages.travelers.com
11 image.email.travelers.com pages.travelers.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
pages.travelers.com
2 dsum-sec.casalemedia.com 1 redirects s.company-target.com
2 www.travelers.com pages.travelers.com
1 st2.dialogtech.com
1 insight.adsrvr.org js.adsrvr.org
1 pixel.rubiconproject.com s.company-target.com
1 partners.tremorhub.com s.company-target.com
1 www.google.de pages.travelers.com
1 www.google.com pages.travelers.com
1 api.company-target.com scripts.demandbase.com
1 id.rlcdn.com pages.travelers.com
1 s.company-target.com scripts.demandbase.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js.adsrvr.org tags.tiqcdn.com
1 service.maxymiser.net tags.tiqcdn.com
1 scripts.demandbase.com pages.travelers.com
1 st1.dialogtech.com d31y97ze264gaa.cloudfront.net
1 www.googletagmanager.com tags.tiqcdn.com
1 d31y97ze264gaa.cloudfront.net tags.tiqcdn.com
1 cloud.email.travelers.com pages.travelers.com
1 pages.travelers.com
1 click.email.travelers.com 1 redirects
42 24
Subject Issuer Validity Valid
www.travelers.com
Entrust Certification Authority - L1J		 2023-03-13 -
2024-04-13		 a year crt.sh
cloud.email.travelers.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-10 -
2023-11-10		 a year crt.sh
akamai-san69.exacttarget.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-14 -
2024-04-13		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.dialogtech.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.company-target.com
R3		 2023-04-19 -
2023-07-18		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2022-09-16 -
2023-10-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh

This page contains 3 frames:

Primary Page: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Frame ID: F23B96D8083A3657ED37CD9220B811E5
Requests: 37 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 8E296692918F3FFA790DD30258DE70A3
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=gmwfwzi&ref=http%3A%2F%2Fpages.travelers.com%2FMyTravelersApp_Redirect%3FTrackingId%3DMyTAppDownload%26Source%3DPI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16%26UserId%3Dsstichman%40mt.gov%26EmailFlag%3Dtrue&upid=lp8wud3&upv=1.1.0
Frame ID: 0BA335E11FEAA4C0A86973223049C404
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.email.travelers.com/?qs=2bf365d5a83d0dee1b9c9ece1306d09a8e7f92e1d6ab8cfc52561220b41f374344bc6f3c... HTTP 302
    http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

42
Requests

64 %
HTTPS

38 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

833 kB
Transfer

1568 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.travelers.com/?qs=2bf365d5a83d0dee1b9c9ece1306d09a8e7f92e1d6ab8cfc52561220b41f374344bc6f3c21bbbf233082695b0b46d69cb88a670bbc507650 HTTP 302
    http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.2.js?utv=ut4.46.202208301427 HTTP 301
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.2.js?utv=ut4.46.202208301427
Request Chain 16
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.3.js?utv=ut4.46.202211031516 HTTP 301
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.3.js?utv=ut4.46.202211031516
Request Chain 17
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.7.js?utv=ut4.46.202105121449 HTTP 301
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.7.js?utv=ut4.46.202105121449
Request Chain 18
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.9.js?utv=ut4.46.202105121449 HTTP 301
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.9.js?utv=ut4.46.202105121449
Request Chain 19
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.10.js?utv=ut4.46.202106161458 HTTP 301
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.10.js?utv=ut4.46.202106161458
Request Chain 24
  • http://scripts.demandbase.com/dSRmmfok.min.js HTTP 307
  • https://scripts.demandbase.com/dSRmmfok.min.js
Request Chain 27
  • http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=travelers/landingpages-us/202211031516&cb=1684365743274 HTTP 301
  • https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=travelers/landingpages-us/202211031516&cb=1684365743274
Request Chain 36
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700263343&external_user_id=6e1491fd-2289-436e-972b-7ecfa22e75d8 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700263343&external_user_id=6e1491fd-2289-436e-972b-7ecfa22e75d8&C=1

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request MyTravelersApp_Redirect
pages.travelers.com/
Redirect Chain
  • https://click.email.travelers.com/?qs=2bf365d5a83d0dee1b9c9ece1306d09a8e7f92e1d6ab8cfc52561220b41f374344bc6f3c21bbbf233082695b0b46d69cb88a670bbc507650
  • http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Server
13.111.116.222 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
pages.travelers.com
Software
/
Resource Hash
9e52a8269927a88b18bd84565068521cd25f5e24d718499f1c930731052214f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Length
4319
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 23:22:20 GMT
Expires
-1
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
close
Content-Length
301
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 23:22:19 GMT
Location
http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
base.css
www.travelers.com/media-assets/fonts/1.0/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travelers.com/media-assets/fonts/1.0/base.css
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.22.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-22-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7473421cee86e05768ab458c8b5d605f4b434b530901950043fb3fb5f06067b6
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data:
server-timing
cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="2059317075", ak_p; desc="467879_34664610_24474717_16_67635_48_0";dur=1
content-length
2283
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Nov 2018 08:32:10 GMT
etag
"380b08a3d77d41:0"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
cache-control
max-age=0, no-cache, private
feature-policy
fullscreen 'none'
accept-ranges
bytes
expires
Wed, 17 May 2023 23:22:21 GMT
tds.css
cloud.email.travelers.com/ 		358 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.email.travelers.com/tds.css
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.116.223 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
cloud.email.travelers.com
Software
/
Resource Hash
c9c3e576bed66cd8975fa17c2d8a1a9c40cbb3f81944bcaa267d8aacf1806140

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:22 GMT
Cache-Control
private
Content-Encoding
gzip
Connection
close
Content-Length
41579
Content-Type
text/css; charset=utf-8
0bd29a6e-18c3-47f7-9b6a-c51437c9ab30.png
image.email.travelers.com/lib/fe5f15707c62007a7410/m/1/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://image.email.travelers.com/lib/fe5f15707c62007a7410/m/1/0bd29a6e-18c3-47f7-9b6a-c51437c9ab30.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Server
2a02:26f0:7100:195::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e158a13bd363917acccbd777ee1cde8e70bb9a866c57bceba4c5ea0fe0494c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:22 GMT
Last-Modified
Mon, 30 Apr 2018 19:33:53 GMT
Server
AkamaiNetStorage
ETag
"143becd5bbda31e3b25ae4f88f16169a:1525116833.239689"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22716
6e197e42-abcf-4c36-9884-0c90b0afa035.jpg
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/43/ 		473 KB
473 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/43/6e197e42-abcf-4c36-9884-0c90b0afa035.jpg
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
71553d3cb7654ae8b24359b6b01ef8619a15c3ef5d2484b3c92cb99791521160

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Fri, 22 May 2020 19:19:26 GMT
Server
AkamaiNetStorage
ETag
"65264c0cf23ce8081a72f138e446c737:1590175166.735926"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
484558
d31f22ca-691c-4708-9f27-a2e8637e3817.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/11/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/11/d31f22ca-691c-4708-9f27-a2e8637e3817.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Server
2a02:26f0:7100:195::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
23820891bb4e5daa39395e0d64a440bd3ea8e503865fc64bd252c36fbbb01344

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:22 GMT
Last-Modified
Thu, 11 Feb 2021 18:21:42 GMT
Server
AkamaiNetStorage
ETag
"5cefff430830274c4d4de6d2a60f2e8a:1613067702.873091"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31417
4195d5af-3f5d-41b7-aedc-1a12c03129e8.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/11/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/11/4195d5af-3f5d-41b7-aedc-1a12c03129e8.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Server
2a02:26f0:7100:195::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
609c6cada9d9f244a73b181bc2999265ada3354751e49e6050c2cd426597b5d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Thu, 11 Feb 2021 18:21:41 GMT
Server
AkamaiNetStorage
ETag
"3740429739e6d933bfbb76f68b0de0c4:1613067701.055882"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33653
7a8c5aee-ed7a-4c54-8068-438ded8e251b.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/3/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/3/7a8c5aee-ed7a-4c54-8068-438ded8e251b.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
29b8b97dc36bd7050d5252146598dda6038eaedfb07f53746a0f34a2115b5ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:22 GMT
Last-Modified
Fri, 18 Sep 2020 18:40:14 GMT
Server
AkamaiNetStorage
ETag
"4366f90377546d65d9adc3de74081d7d:1600454414.747476"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19983
0bd29a6e-18c3-47f7-9b6a-c51437c9ab30.png
image.email.travelers.com/lib/fe5f15707c62007a7410/m/1/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5f15707c62007a7410/m/1/0bd29a6e-18c3-47f7-9b6a-c51437c9ab30.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e158a13bd363917acccbd777ee1cde8e70bb9a866c57bceba4c5ea0fe0494c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:22 GMT
Last-Modified
Mon, 30 Apr 2018 19:33:53 GMT
Server
AkamaiNetStorage
ETag
"143becd5bbda31e3b25ae4f88f16169a:1525116833.239689"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22716
63830959-fa9c-4bcb-8939-157bb1badb52.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/63830959-fa9c-4bcb-8939-157bb1badb52.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
69d3af57cc26aa69484655777704273fcb1adccb54a8fee9bcbceaa66649b36b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Thu, 03 Sep 2020 19:50:19 GMT
Server
AkamaiNetStorage
ETag
"b59a1504ee8ae3bf4d4a60f95ca4cc4b:1599162619.698093"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2238
13fa633e-febc-4e48-8111-e47a0865505a.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/13fa633e-febc-4e48-8111-e47a0865505a.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
34d070cab06a2407d28331f3cc696d6f3132b221b48dc06c138c7e2f36a49a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Fri, 18 Sep 2020 18:49:27 GMT
Server
AkamaiNetStorage
ETag
"15efe8aed038db07b79b9e1d4914738f:1600454967.061998"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2355
eecc854c-088e-41bd-8fe6-7224870b8cc5.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/eecc854c-088e-41bd-8fe6-7224870b8cc5.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8b53819e2c8ff0debc362b005cf6b90a3ab49f76ce2d285b43369d1dc6d5088c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Fri, 18 Sep 2020 18:36:27 GMT
Server
AkamaiNetStorage
ETag
"2d6d5c4767eb9b70b763e966d348d012:1600454187.480375"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2470
9d79842f-6d44-4f93-8a2c-274cca3e7898.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/9d79842f-6d44-4f93-8a2c-274cca3e7898.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b57bdef55a1a362f8c33f35d8cb11119487a19a1344e47a7eb6c46117da484c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Fri, 18 Sep 2020 18:56:23 GMT
Server
AkamaiNetStorage
ETag
"ad3a2d71fc61fb6fcfe376d6b2c42a27:1600455383.528386"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2056
c128aafe-e2a2-42bd-9b7b-2e21f7406a8d.png
image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.email.travelers.com/lib/fe5815707c62007f7d1d/m/13/c128aafe-e2a2-42bd-9b7b-2e21f7406a8d.png
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:18a::1c65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b37cc0add3d6adf91a379c01a8c5829f8f60ee82d0db0f60f21bd0d757906e95

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Last-Modified
Fri, 18 Sep 2020 18:50:12 GMT
Server
AkamaiNetStorage
ETag
"d32eeb3bb99c7853b415bdf51b4e04d8:1600455012.510097"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2366
print.min.css
www.travelers.com/assets/css/ 		180 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travelers.com/assets/css/print.min.css?v=1.0.4
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.22.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-22-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e249a719bc82f84152087701a92c077c649cbbe9973611c745e442bef7d33380
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 23:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data:
server-timing
cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-688391498", ak_p; desc="467879_34664610_24477701_12_2162_45_0";dur=1
content-length
20931
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 May 2023 00:01:59 GMT
etag
"80b5faa3d282d91:0"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
cache-control
private, max-age=521672
feature-policy
fullscreen 'none'
accept-ranges
bytes
utag.js
tags.tiqcdn.com/utag/travelers/landingpages-us/prod/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.js
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82468fd2061e875fe2f2011675f1676bfceed2a5fcdc8e190bff5e64c8aa12c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
l4BkdNMUJeSrbd0DA._BkdH5NtSf0Rqs
content-encoding
br
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 23:22:23 GMT
last-modified
Sat, 11 Mar 2023 07:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"25c81ccb1100b2f4ea75df508505a3fa"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
eYHfelnolksRbF32R7a6VhCnDmwoSqslbfJ5wmNWjm7tJYnpK_Wcxg==
utag.2.js
tags.tiqcdn.com/utag/travelers/landingpages-us/prod/
Redirect Chain
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.2.js?utv=ut4.46.202208301427
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.2.js?utv=ut4.46.202208301427
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.2.js?utv=ut4.46.202208301427
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8882e0cdb144d86981561b467ed606764aebb51ae3bef773e0ef39a7ab695e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
8f98MfOC1bbVf9O0MV0S.ynUhoMnlU7n
content-encoding
br
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 23:22:24 GMT
last-modified
Sat, 11 Mar 2023 07:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"bcae971a7137fe47c9237f21ee3783c7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ck9CdTOxlb8Q6D3-KA2qZyrIW1b1jaOsBYJzDb_mwbrD5a3mfijvdA==

Redirect headers

Date
Wed, 17 May 2023 23:22:22 GMT
Via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.2.js?utv=ut4.46.202208301427
Cache-Control
max-age=1296000
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
Ii9QFYQXCz3DHwm9q-qtKzkmI0zJmr0mTVpHi-xl-im0VXdoMjbqcA==
utag.3.js
tags.tiqcdn.com/utag/travelers/landingpages-us/prod/
Redirect Chain
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.3.js?utv=ut4.46.202211031516
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.3.js?utv=ut4.46.202211031516
17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.3.js?utv=ut4.46.202211031516
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd7e1abaf1ced45af45694d27497347c9032edd1a53e3cf3d49720dc4cdc5308

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
sPNJf43cY.IxLMucUt9JsmzsI.A7ubYF
content-encoding
br
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 23:22:23 GMT
last-modified
Sat, 11 Mar 2023 07:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"e54de1ea96ffe1cd1dbdb96a409a31c3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
usyKohfEeR_1FXug9G7fGuI8FI5h404VXfpdECBfeeB_91fWt7IFZA==

Redirect headers

Date
Wed, 17 May 2023 23:22:22 GMT
Via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.3.js?utv=ut4.46.202211031516
Cache-Control
max-age=1296000
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
O7btPVvrSaU9UmFE8dZOYkGsDWMHqmdc5YgWdI23CJZJs69R0YkUSQ==
utag.7.js
tags.tiqcdn.com/utag/travelers/landingpages-us/prod/
Redirect Chain
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.7.js?utv=ut4.46.202105121449
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.7.js?utv=ut4.46.202105121449
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.7.js?utv=ut4.46.202105121449
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d6d17b0bec8ac25251402f15f7f732662b12e7f7a083b871fde2c6175d571a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Mxd_0Bd8JAw01RknjeYrrm7k0ty4DzTc
content-encoding
br
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 23:22:23 GMT
last-modified
Sat, 11 Mar 2023 07:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"84203af98fcefc7b807d14190bcd7579"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Xrr7vfPRzNxH7s20EL4HqU5yiPYRUdlzFHdk4aW_hxRTqgxHNwHBGw==

Redirect headers

Date
Wed, 17 May 2023 23:22:22 GMT
Via
1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.7.js?utv=ut4.46.202105121449
Cache-Control
max-age=1296000
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
ulCqEnzS1tdcAjKF_Kz3-gwZhzOoZ6TlfK8OhEFzlElXTW0kFZou-w==
utag.9.js
tags.tiqcdn.com/utag/travelers/landingpages-us/prod/
Redirect Chain
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.9.js?utv=ut4.46.202105121449
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.9.js?utv=ut4.46.202105121449
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.9.js?utv=ut4.46.202105121449
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bed8101174f576cd0a313bea9b3d1363e259e5f97409404d6bcebcf894aa759d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
XRssbABEPIL.cJ0w6FU2IXIKwB14DoHa
content-encoding
br
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 23:22:24 GMT
last-modified
Sat, 11 Mar 2023 07:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"bd5355aa47fd85b18fbc7afe9059936c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
pwvp7Wofm9u77D978HXL5adr5CRhiIImM_LnUdzuB6hmp8CmoEE9BQ==

Redirect headers

Date
Wed, 17 May 2023 23:22:22 GMT
Via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.9.js?utv=ut4.46.202105121449
Cache-Control
max-age=1296000
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
hZu98Bxcd6on8-QDlURJ4WTphgjty7IYTiFiylc5JsrKi2_vTRFs5g==
utag.10.js
tags.tiqcdn.com/utag/travelers/landingpages-us/prod/
Redirect Chain
  • http://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.10.js?utv=ut4.46.202106161458
  • https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.10.js?utv=ut4.46.202106161458
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.10.js?utv=ut4.46.202106161458
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26539b03494db2ba3a2154de62cfdd285a91bc25507a3254000b9b496e097b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
rPKvQbR_Xkea0eVj2wnvpcFrhmwZYLj4
content-encoding
br
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 23:22:24 GMT
last-modified
Sat, 11 Mar 2023 07:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"63bce1e8c96169c89e1cd9f30bfef4d2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
AyJ3l8gHMQxluT1mMK4JyXzwoYXiGaTSviVGRb5Hs0phWxoIUOPwrg==

Redirect headers

Date
Wed, 17 May 2023 23:22:22 GMT
Via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.10.js?utv=ut4.46.202106161458
Cache-Control
max-age=1296000
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
OUBS-DdUhkBkgQ0pf2zYMQUvj1CfQJRkRyBHG577FcJ7RnAzmjO4AA==
st.js
d31y97ze264gaa.cloudfront.net/assets/st/js/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d31y97ze264gaa.cloudfront.net/assets/st/js/st.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.js
Protocol
HTTP/1.1
Server
13.32.118.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-181.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
578a6a6e76d78cbdb5c4aa5b475c20f71ec0a8b6e277423c6ae9d139271d2275

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:18:02 GMT
Content-Encoding
gzip
Via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 Sep 2021 16:40:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P1
Age
262
ETag
W/"3ada7e792244a7508ebe96ee72971ce6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
_oNF3K2bzNMq84WaSY3-xeRJWp0x0ifWMJn53fYAOl7RXojqeJRVfQ==
js
www.googletagmanager.com/gtag/ 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-23137171-1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
887c87a698732131eb552b8f8e90915c96585c39bf07ddbafd89111f21115edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 23:22:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46301
x-xss-protection
0
last-modified
Wed, 17 May 2023 22:24:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 May 2023 23:22:23 GMT
/
st1.dialogtech.com/st/ 		261 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.dialogtech.com/st/?_stk=e398b3cc451ea3b74f41e7bb65a7c09b8f9685c0&dr=&dl=http%3A%2F%2Fpages.travelers.com%2FMyTravelersApp_Redirect%3FTrackingId%3DMyTAppDownload%26Source%3DPI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16%26UserId%3Dsstichman%40mt.gov%26EmailFlag%3Dtrue&dt=&vp=1600x1200&sr=1600x1200&cb=1684365743106&stv=38
Requested by
Host: d31y97ze264gaa.cloudfront.net
URL: http://d31y97ze264gaa.cloudfront.net/assets/st/js/st.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.90.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-90-16.compute-1.amazonaws.com
Software
/
Resource Hash
5a76444a7199378d4b57456a5a3a0f8eea9f89515fbda47c38ac64f7f721a7bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 23:22:23 GMT
last-modified
Wed May 17 2023 23:22:23 GMT+0000 (Coordinated Universal Time)
vary
Origin
content-type
application/javascript
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-length
261
expires
Sat, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23137171-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 22:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2804
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 18 May 2023 00:35:39 GMT
dSRmmfok.min.js
scripts.demandbase.com/
Redirect Chain
  • http://scripts.demandbase.com/dSRmmfok.min.js
  • https://scripts.demandbase.com/dSRmmfok.min.js
73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.demandbase.com/dSRmmfok.min.js
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
13.32.27.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-69.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e376fa8007b9dfeabae1d72ff34a1e40c7e10629724239b19f4d6988ea355730
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
OL6FmP58WWB97j_II40h3V6_HZe0hJBA
content-encoding
gzip
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
date
Wed, 17 May 2023 22:58:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
1688
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Apr 2023 02:37:38 GMT
server
AmazonS3
etag
W/"b1ab723153c41e09373e86e2607caff7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
wL6azP56mCk3VraYUSnefvCIDN45SP5IRp_40zLMtYgRWRwc85j_QA==

Redirect headers

Location
https://scripts.demandbase.com/dSRmmfok.min.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
mmcore.js
service.maxymiser.net/cdn/travelers/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://service.maxymiser.net/cdn/travelers/js/mmcore.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.js
Protocol
HTTP/1.1
Server
2.23.209.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-171.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
db50d613662d78a26bc43e256bd11f2e015869acacd9f08c0b74ba7537bac759

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Feb 2020 20:07:28 GMT
Server
AkamaiNetStorage
ETag
"7b9f39341fc069f042da833562ec0aed:1582229251.349386"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5836
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/travelers/landingpages-us/prod/utag.js
Protocol
HTTP/1.1
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 02:38:04 GMT
Content-Encoding
gzip
Via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
74660
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
N7bVk2x5gEFwuRavSpJssZbcCsle5i7H-m8uzqVIyhLTaTZic--UoA==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
Redirect Chain
  • http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=travelers/landingpages-us/202211031516&cb=1684365743274
  • https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=travelers/landingpages-us/202211031516&cb=1684365743274
2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=travelers/landingpages-us/202211031516&cb=1684365743274
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Server
2600:9000:223e:bc00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 17 May 2023 23:16:41 GMT
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
MUKuPqLt2gy9ixToFhIajtumHyOnMa_6UpQ56DA0ViXbHhjNHwgNiQ==

Redirect headers

Date
Wed, 17 May 2023 23:22:23 GMT
Via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
application/javascript
Location
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=travelers/landingpages-us/202211031516&cb=1684365743274
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
4avuMhuBYZhPQPyu1wcCW7etim-nKn8pgx9puDkI95EMuU90ss66yQ==
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=741360806&t=pageview&_s=1&dl=http%3A%2F%2Fpages.travelers.com%2FMyTravelersApp_Redirect%3FTrackingId%3DMyTAppDownload%26Source%3DPI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16%26UserId%3Dsstichman%40mt.gov%26EmailFlag%3Dtrue&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAACAAI~&jid=2072696631&gjid=258037938&cid=1031086119.1684365743&tid=UA-23137171-1&_gid=1108439500.1684365743&_r=1&gtm=457e35a0&cd33=01882c0592aa008f94f4821a05100307400ac06c00b08&jsscut=1&z=1407018516
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pages.travelers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 May 2023 23:22:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://pages.travelers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-23137171-1&cid=1031086119.1684365743&jid=2072696631&gjid=258037938&_gid=1108439500.1684365743&_u=4GBAAUAAAAAAACAAI~&z=1451910724
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://pages.travelers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 May 2023 23:22:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://pages.travelers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.company-target.com/s/ Frame 8E29 		634 B
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.company-target.com/s/sync?exc=lr
Requested by
Host: scripts.demandbase.com
URL: http://scripts.demandbase.com/dSRmmfok.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.71.96.34.bc.googleusercontent.com
Software
/
Resource Hash
294e562651c5c7d0d18dd303291d1f1a5083fafd9e8ebba71c7cd99ff43d987e

Request headers

Referer
http://pages.travelers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 23:22:23 GMT
via
1.1 google
464526.gif
id.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 23:22:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ip.json
api.company-target.com/api/v2/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=http%3A%2F%2Fpages.travelers.com%2FMyTravelersApp_Redirect%3FTrackingId%3DMyTAppDownload%26Source%3DPI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16%26UserId%3Dsstichman%40mt.gov%26EmailFlag%3Dtrue&page_title=
Requested by
Host: scripts.demandbase.com
URL: http://scripts.demandbase.com/dSRmmfok.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-57.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
92a5a3ef1de1708acd66ef26c082e5274e431749dc853920a3cf2d69d3467a48

Request headers

Referer
http://pages.travelers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 17 May 2023 23:22:23 GMT
identification-source
CENTRAL
content-encoding
gzip
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
request-id
3ed4122c-42d7-478a-954c-576ba1795292
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://pages.travelers.com
access-control-expose-headers
x-amz-cf-id
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gvkjVbFdXuL8vhmiYgiL7y1NGCs0RZvNAjKMa_xC21inWDm2WDbi6A==
expires
Tue, 16 May 2023 23:22:23 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-23137171-1&cid=1031086119.1684365743&jid=2072696631&_u=4GBAAUAAAAAAACAAI~&z=924682461
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 23:22:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-23137171-1&cid=1031086119.1684365743&jid=2072696631&_u=4GBAAUAAAAAAACAAI~&z=924682461
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 23:22:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=741360806&t=event&ni=1&_s=2&dl=http%3A%2F%2Fpages.travelers.com%2FMyTravelersApp_Redirect%3FTrackingId%3DMyTAppDownload%26Source%3DPI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16%26UserId%3Dsstichman%40mt.gov%26EmailFlag%3Dtrue&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=6HBAAUABAAAAACAAI~&jid=&gjid=&cid=1031086119.1684365743&tid=UA-23137171-1&_gid=1108439500.1684365743&gtm=457e35a0&cd7=9058045&cd8=Synopsys%20GmbH&cd9=Software%20%26%20Technology&cd10=Software%20Applications&cd11=Enterprise&cd12=Over%20%245B&cd13=Enterprise%20Business&cd14=Software%20%26%20Technology&cd15=Aschheim%2FDornach&cd16=BY&cd17=Germany&cd18=(Non-Company%20Visitor)&cd20=(Non-Company%20Visitor)&cd21=synopsys.com&cd22=(Non-Company%20Visitor)&z=1259654578
Requested by
Host: pages.travelers.com
URL: http://pages.travelers.com/MyTravelersApp_Redirect?TrackingId=MyTAppDownload&Source=PI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16&UserId=sstichman@mt.gov&EmailFlag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 00:08:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83629
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E29
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700263343&external_user_id=6e1491fd-2289-436e-972b-7ecfa22e75d8
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700263343&external_user_id=6e1491fd-2289-436e-972b-7ecfa22e75d8&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700263343&external_user_id=6e1491fd-2289-436e-972b-7ecfa22e75d8&C=1
Requested by
Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 23:22:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 23:22:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=18&expiry=1700263343&external_user_id=6e1491fd-2289-436e-972b-7ecfa22e75d8&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sync
partners.tremorhub.com/ Frame 8E29 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIDM=6e1491fd-2289-436e-972b-7ecfa22e75d8
Requested by
Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:cf99:3e16:9b41:8e25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 17 May 2023 23:22:24 GMT
server
nginx
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 8E29 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?nid=5578&put=6e1491fd-2289-436e-972b-7ecfa22e75d8&v=1181926
Requested by
Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
up
insight.adsrvr.org/track/ Frame 0BA3 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=gmwfwzi&ref=http%3A%2F%2Fpages.travelers.com%2FMyTravelersApp_Redirect%3FTrackingId%3DMyTAppDownload%26Source%3DPI_CX_TravantageAnnouncement-VerB_PROD_2023-05-16%26UserId%3Dsstichman%40mt.gov%26EmailFlag%3Dtrue&upid=lp8wud3&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: http://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pages.travelers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Wed, 17 May 2023 23:22:24 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
log
st2.dialogtech.com/st/ 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st2.dialogtech.com/st/log?_stlu=1&bid=ad9ef520-f509-11ed-beac-75e0c3869123&pid=ada0f0f0-f509-11ed-beac-75e0c3869123&stn=&ua=UA-23137171-1&uac=1031086119.1684365743&_stk=e398b3cc451ea3b74f41e7bb65a7c09b8f9685c0&stv=38&cb=1684365745107&r=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.75.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-75-109.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pages.travelers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 17 May 2023 23:22:25 GMT
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless string| userAgent undefined| machineID function| getCookieVal function| updatePhoneNumbers object| tmParam object| marketingDataLayer boolean| utag_condload undefined| id undefined| mileStones undefined| ytapi undefined| scriptref undefined| playerCheckInterval object| utag undefined| setMileStones boolean| __tealium_twc_switch boolean| sustainability_video_page object| teal object| scrollTracker object| Bootstrapper string| _stk string| gtagRename object| dataLayer function| gtag object| $jscomp function| $jscomp$lookupPolyfilledValue object| _st undefined| JSON3 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| mm_async object| mm_pers object| gaplugins object| gaGlobal object| gaData function| ttd_dom_ready function| TTDUniversalPixelApi object| mmRequestCallbacks object| mmsystem object| Demandbase object| mmIntegrations

15 Cookies

Domain/Path Name / Value
.travelers.com/ Name: utag_main
Value: v_id:01882c0592aa008f94f4821a05100307400ac06c00b08$_sn:1$_se:1$_ss:1$_st:1684367542763$ses_id:1684365742763%3Bexp-session$_pn:1%3Bexp-session
.travelers.com/ Name: _ga
Value: GA1.2.1031086119.1684365743
.travelers.com/ Name: _gid
Value: GA1.2.1108439500.1684365743
.travelers.com/ Name: _gat_gtag_UA_23137171_1
Value: 1
.st1.dialogtech.com/ Name: _ibp_st
Value: ad9ef520-f509-11ed-beac-75e0c3869123
.travelers.com/ Name: _st_bid
Value: ad9ef520-f509-11ed-beac-75e0c3869123
.company-target.com/ Name: tuuid
Value: 6e1491fd-2289-436e-972b-7ecfa22e75d8
.company-target.com/ Name: tuuid_lu
Value: 1684365743|ix:0|mctv:0|rp:0
.casalemedia.com/ Name: CMID
Value: ZGVhr1ysU51GyyVg6G3CeAAA
.casalemedia.com/ Name: CMPS
Value: 5258
.casalemedia.com/ Name: CMPRO
Value: 5258
.tremorhub.com/ Name: tvid
Value: 71d98a7557bb4de8b86b9eaf15ef4498
.tremorhub.com/ Name: tv_UIDM
Value: 6e1491fd-2289-436e-972b-7ecfa22e75d8
.pages.travelers.com/ Name: _st
Value: ad9ef520-f509-11ed-beac-75e0c3869123.ada0f0f0-f509-11ed-beac-75e0c3869123....0....1684366343.1684376543.600.10800.30.0....1....1.10,11..travelers^com.UA-23137171-1.1031086119^1684365743.38.
.st2.dialogtech.com/ Name: _ibp_st
Value: ad9ef520-f509-11ed-beac-75e0c3869123

2 Console Messages

Source Level URL
Text
javascript warning URL: http://service.maxymiser.net/cdn/travelers/js/mmcore.js(Line 16)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
click.email.travelers.com
cloud.email.travelers.com
d31y97ze264gaa.cloudfront.net
dsum-sec.casalemedia.com
id.rlcdn.com
image.email.travelers.com
insight.adsrvr.org
js.adsrvr.org
pages.travelers.com
partners.tremorhub.com
pixel.rubiconproject.com
s.company-target.com
scripts.demandbase.com
service.maxymiser.net
st1.dialogtech.com
st2.dialogtech.com
stats.g.doubleclick.net
tags.tiqcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.travelers.com
104.102.22.67
108.138.15.119
13.111.116.222
13.111.116.223
13.111.134.72
13.32.118.181
13.32.27.69
18.66.97.57
185.80.39.216
2.23.209.171
2600:1f18:612b:4280:cf99:3e16:9b41:8e25
2600:9000:223e:6c00:7:2bfb:7c00:93a1
2600:9000:223e:bc00:7:2bfb:7c00:93a1
2a00:1450:4001:802::2008
2a00:1450:4001:808::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:400c:c07::9a
2a02:26f0:7100:18a::1c65
2a02:26f0:7100:195::1c65
34.96.71.22
35.244.174.68
44.194.90.16
52.20.75.109
52.223.40.198
69.173.144.165
23820891bb4e5daa39395e0d64a440bd3ea8e503865fc64bd252c36fbbb01344
26539b03494db2ba3a2154de62cfdd285a91bc25507a3254000b9b496e097b43
294e562651c5c7d0d18dd303291d1f1a5083fafd9e8ebba71c7cd99ff43d987e
29b8b97dc36bd7050d5252146598dda6038eaedfb07f53746a0f34a2115b5ce7
34d070cab06a2407d28331f3cc696d6f3132b221b48dc06c138c7e2f36a49a70
578a6a6e76d78cbdb5c4aa5b475c20f71ec0a8b6e277423c6ae9d139271d2275
5a76444a7199378d4b57456a5a3a0f8eea9f89515fbda47c38ac64f7f721a7bc
609c6cada9d9f244a73b181bc2999265ada3354751e49e6050c2cd426597b5d0
69d3af57cc26aa69484655777704273fcb1adccb54a8fee9bcbceaa66649b36b
71553d3cb7654ae8b24359b6b01ef8619a15c3ef5d2484b3c92cb99791521160
7473421cee86e05768ab458c8b5d605f4b434b530901950043fb3fb5f06067b6
7d6d17b0bec8ac25251402f15f7f732662b12e7f7a083b871fde2c6175d571a7
82468fd2061e875fe2f2011675f1676bfceed2a5fcdc8e190bff5e64c8aa12c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
887c87a698732131eb552b8f8e90915c96585c39bf07ddbafd89111f21115edc
8b53819e2c8ff0debc362b005cf6b90a3ab49f76ce2d285b43369d1dc6d5088c
92a5a3ef1de1708acd66ef26c082e5274e431749dc853920a3cf2d69d3467a48
9e52a8269927a88b18bd84565068521cd25f5e24d718499f1c930731052214f9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37cc0add3d6adf91a379c01a8c5829f8f60ee82d0db0f60f21bd0d757906e95
b57bdef55a1a362f8c33f35d8cb11119487a19a1344e47a7eb6c46117da484c0
bed8101174f576cd0a313bea9b3d1363e259e5f97409404d6bcebcf894aa759d
c8882e0cdb144d86981561b467ed606764aebb51ae3bef773e0ef39a7ab695e1
c9c3e576bed66cd8975fa17c2d8a1a9c40cbb3f81944bcaa267d8aacf1806140
db50d613662d78a26bc43e256bd11f2e015869acacd9f08c0b74ba7537bac759
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e158a13bd363917acccbd777ee1cde8e70bb9a866c57bceba4c5ea0fe0494c0f
e249a719bc82f84152087701a92c077c649cbbe9973611c745e442bef7d33380
e376fa8007b9dfeabae1d72ff34a1e40c7e10629724239b19f4d6988ea355730
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd7e1abaf1ced45af45694d27497347c9032edd1a53e3cf3d49720dc4cdc5308