drt1-billing.cna.com Open in urlscan Pro
159.10.3.219  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response drt1-billing.cna.com/	3 KB 4 KB	841ms 312ms	Document text/html	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 289183fb0e7b141480b40dbe84ede785fcf333ac2f734972f4b35eb8217d68e0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Host drt1-billing.cna.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-length 3482 content-type text/html; charset=utf-8 date Thu, 07 May 2020 16:50:43 GMT p3p CP="NON CUR OTPi OUR NOR UNI" server nginx/1.17.1 x-frame-options DENY surrogate-control no-store x-content-type-options nosniff cache-control no-store, no-cache, must-revalidate, proxy-revalidate expires 0 x-dns-prefetch-control off x-xss-protection 1; mode=block x-robots-tag none x-download-options noopen referrer-policy same-origin strict-transport-security max-age=15552000; includeSubDomains pragma no-cache Set-Cookie _csrf=iQQGf_0ipOP5r-PMeWyD_sNj; Path=/ _csrf=f7njCLoKFsaL4j5koZTpOsOw; Path=/ connect.sid=s%3A9d8bb1bb-9b9e-4d47-8e04-1a2c58701b87.W1yy%2BhTarUL3%2BpDmdelGiBiYHCO2yfDjjQT6abkxmXM; Path=/; Secure
GET H2	200	css fonts.googleapis.com/	7 KB 809 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:300,400,700,900 Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b02c2e279f3e5a1733717f9eb6c61d45572cf76b67d88e128db837b376bca1a4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 07 May 2020 16:50:43 GMT server ESF date Thu, 07 May 2020 16:50:43 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 07 May 2020 16:50:43 GMT
GET H/1.1	200 OK	bundle.css drt1-billing.cna.com/	477 KB 477 KB	345ms 344ms	Stylesheet text/css	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/bundle.css Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 9c8cd4863d6a9491a88bb130ff9477802b51869b5fe039bc8de881d2908d67ca Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:43 GMT referrer-policy same-origin content-type text/css; charset=UTF-8 last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 488064 x-content-type-options nosniff
GET H2	200	js Show response www.googletagmanager.com/gtag/	81 KB 30 KB	40ms 39ms	Script application/javascript	2a00:1450:4001:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-145248740-1 Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1e3dc91239e99fd4a0fa8b1408bb1e8ee2a047a49ef014a193885461ce11c337 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:44 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30418 x-xss-protection 0 last-modified Thu, 07 May 2020 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 07 May 2020 16:50:44 GMT
GET H/1.1	200 OK	vendor.js Show response drt1-billing.cna.com/	4 MB 4 MB	709ms 423ms	Script application/javascript	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/vendor.js Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 6d8b35d04fee622cfe778a1b4aae605c56a85bdc4d1cc4c422545ce340242613 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:43 GMT referrer-policy same-origin content-type application/javascript last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 3676909 x-content-type-options nosniff
GET H/1.1	200 OK	bundle.js Show response drt1-billing.cna.com/	2 MB 2 MB	748ms 457ms	Script application/javascript	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/bundle.js Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash fab80f5293be49445f70d263137dea96af316d3121b2f0826683e0efd2557daa Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:43 GMT referrer-policy same-origin content-type application/javascript last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 2247248 x-content-type-options nosniff
GET H2	200	api.js Show response www.google.com/recaptcha/	740 B 570 B	15ms 15ms	Script text/javascript	2a00:1450:4001:815::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4fe09f81d15b223eb84fb7b7beed0e064a86b18814ad263628dad474edfe8d2f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:44 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 470 x-xss-protection 1; mode=block expires Thu, 07 May 2020 16:50:44 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	61 KB 23 KB	42ms 41ms	Script application/javascript	2a00:1450:4001:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WGQ5C6V Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 106a3587ecd2273d4b4d044d3573260eade625c7db6959f133030c2a1b8cc866 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:44 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22994 x-xss-protection 0 last-modified Thu, 07 May 2020 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 07 May 2020 16:50:44 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:81b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-145248740-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 6865 date Thu, 07 May 2020 14:56:19 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18174 expires Thu, 07 May 2020 16:56:19 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 103 B	14ms 13ms	Image image/gif	2a00:1450:4001:81b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1632663264&t=pageview&_s=1&dl=https%3A%2F%2Fdrt1-billing.cna.com%2F&ul=en-us&de=UTF-8&dt=CNA%20Bill%20Pay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=641847240&gjid=1072254961&cid=1003909530.1588870245&tid=UA-145248740-1&_gid=718691255.1588870245&_r=1&gtm=2ou4t0&z=511292823 Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 07 May 2020 16:50:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 103 B	14ms 14ms	Image image/gif	2a00:1450:4001:81b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1632663264&t=pageview&_s=1&dl=https%3A%2F%2Fdrt1-billing.cna.com%2F&ul=en-us&de=UTF-8&dt=CNA%20Bill%20Pay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=940292675&gjid=1081315727&cid=1003909530.1588870245&tid=UA-145248740-1&_gid=718691255.1588870245&_r=1&gtm=2wg4t0WGQ5C6V&z=151085285 Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 07 May 2020 16:50:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 132b80c6ac331cfecc910352062385a8438bf8c977e208b1cee5b16479080f0f Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	carousal_lg_img1-f1f27c191b0d40d1bbe73c6c990c5741.png drt1-billing.cna.com/img/	367 KB 368 KB	339ms 338ms	Image image/png	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Show image Full URL https://drt1-billing.cna.com/img/carousal_lg_img1-f1f27c191b0d40d1bbe73c6c990c5741.png Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 01824810de8a3a7aa939a6a3bbdcd806d74de6e00f892408a9707448e515943f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:48 GMT referrer-policy same-origin content-type image/png last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 376085 x-content-type-options nosniff
GET H/1.1	200 OK	carousal_lg_img2-9848a9f7edd0c75336e6a7c29dd0a67e.png drt1-billing.cna.com/img/	455 KB 456 KB	342ms 342ms	Image image/png	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Show image Full URL https://drt1-billing.cna.com/img/carousal_lg_img2-9848a9f7edd0c75336e6a7c29dd0a67e.png Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 8e1d2e612796c49625adf692bec3ce70acf347a7750f4f08f093d334f64615c3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:48 GMT referrer-policy same-origin content-type image/png last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 465964 x-content-type-options nosniff
GET H/1.1	200 OK	carousal_md_img1-536c3dc4d341e14e20198f26a9b15589.png drt1-billing.cna.com/img/	263 KB 263 KB	338ms 338ms	Image image/png	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Show image Full URL https://drt1-billing.cna.com/img/carousal_md_img1-536c3dc4d341e14e20198f26a9b15589.png Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash b49db210c4590505b0d48479efcdd9145356cb94f061721b27016912635e43d3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:48 GMT referrer-policy same-origin content-type image/png last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 269102 x-content-type-options nosniff
GET H/1.1	200 OK	carousal_md_img2-1a5ee73269cd09de241749615521da3c.png drt1-billing.cna.com/img/	303 KB 304 KB	900ms 335ms	Image image/png	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Show image Full URL https://drt1-billing.cna.com/img/carousal_md_img2-1a5ee73269cd09de241749615521da3c.png Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 339fe872462cf4d5f274e26879519ebea6a4831a80f88d78a61b8b1b97d1767e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://drt1-billing.cna.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:48 GMT referrer-policy same-origin content-type image/png last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 310749 x-content-type-options nosniff
POST H/1.1	403 Forbidden	okta-lookup Show response drt1-billing.cna.com/api/	18 B 274 B	593ms 276ms	XHR text/html	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/api/okta-lookup Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/vendor.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Express Resource Hash 3a48ec9505004c8f03c095fb224b38987bb6dd1042f2c7fe0b406988996f1a0b Request headers Accept application/json, text/plain, */* Referer https://drt1-billing.cna.com/ x-csrf-token 5EtNgQUX-2PqjhtGhJDyHh94-arhxFj2hWbo User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 07 May 2020 16:50:48 GMT server nginx/1.17.1 p3p CP="NON CUR OTPi OUR NOR UNI" x-powered-by Express content-length 18 content-type text/html; charset=utf-8
GET DATA	200 OK	truncated /	137 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	137 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H/1.1	200 OK	AvenirLTW01-45Book.ttf drt1-billing.cna.com/fonts/	36 KB 36 KB	783ms 478ms	Font application/x-font-ttf	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/fonts/AvenirLTW01-45Book.ttf Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 33524e170c361a5031c7404c1f07b4dd17955dfa116d0933154cfad164d37a94 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://drt1-billing.cna.com/bundle.css Origin https://drt1-billing.cna.com Response headers date Thu, 07 May 2020 16:50:48 GMT referrer-policy same-origin content-type application/x-font-ttf last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 36424 x-content-type-options nosniff
GET H/1.1	200 OK	fontawesome-webfont.woff2 drt1-billing.cna.com/fonts/	75 KB 76 KB	747ms 439ms	Font application/font-woff2	159.10.3.219 AS16983
General Check archive.org Show headers Download Go to Full URL https://drt1-billing.cna.com/fonts/fontawesome-webfont.woff2 Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.10.3.219 , United States, ASN16983 (AS16983, US), Reverse DNS Software nginx/1.17.1 / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://drt1-billing.cna.com/bundle.css Origin https://drt1-billing.cna.com Response headers date Thu, 07 May 2020 16:50:48 GMT referrer-policy same-origin content-type application/font-woff2 last-modified Fri, 24 Apr 2020 20:11:37 GMT server nginx/1.17.1 x-download-options noopen x-frame-options DENY p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control public, max-age=36000 strict-transport-security max-age=15552000; includeSubDomains accept-ranges bytes x-dns-prefetch-control off content-length 77160 x-content-type-options nosniff
GET H2	200	collect www.google-analytics.com/r/	35 B 103 B	14ms 14ms	Image image/gif	2a00:1450:4001:81b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1632663264&t=pageview&_s=1&dl=https%3A%2F%2Fdrt1-billing.cna.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=CNA%20Bill%20Pay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUAB~&jid=1730329150&gjid=431371038&cid=108559181.1588870248&tid=UA-145248740-1&_gid=2117291455.1588870248&_r=1&z=1834683122 Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 07 May 2020 16:50:48 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/-wV2EAWEOTlEtZh4vNQtn3H1/	298 KB 120 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-wV2EAWEOTlEtZh4vNQtn3H1/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 10de7d69af358751d5f0146c012cf400cb2940c6dbdb7d624061e60914c48666 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 04 May 2020 19:15:58 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 May 2020 04:09:11 GMT server sffe age 250490 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 123152 x-xss-protection 0 expires Tue, 04 May 2021 19:15:58 GMT
GET H2	200	/ Show response zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/	79 KB 20 KB	145ms 63ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Requested by Host: drt1-billing.cna.com URL: https://drt1-billing.cna.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b5ef6625cc9039a744bc1797d1b515d6840ddd26ababf3531818404136223e29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 102593 cf-polished origSize=81720 status 200 edge-control max-age=604800 vary Accept-Encoding cf-request-id 0291a513650000cae470297200000001 cf-bgj minify server cloudflare x-powered-by Express etag W/"13f38-qZpFbJh0QkMo0ZxyOUZf9ddeLEk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 cf-ray 58fc71323cdacae4-ARN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 727 B	114ms 112ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_5uT6BgipgPxL9kN&Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web Requested by Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4db2acefd0b6072e0027a64710a21803b8916f3aaa4c0fb4bb723b38140c38cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 07 May 2020 16:50:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin https://drt1-billing.cna.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 58fc7132eef5cae4-ARN vary Accept-Encoding cf-request-id 0291a513cc0000cae4702a8200000001
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	98 KB 30 KB	70ms 69ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web Requested by Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3370cac91a63e0d1a4161f5da57e04e8c9c68f47ff01d8b4d14f24ed72372062 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 244474 cf-polished origSize=101490 status 200 edge-control max-age=604800 vary Accept-Encoding cf-request-id 0291a514400000cae4702b0200000001 last-modified Mon, 27 Apr 2020 17:58:51 GMT server cloudflare x-powered-by Express etag W/"18c72-171bccaab78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 cf-ray 58fc71339938cae4-ARN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 991 B	99ms 99ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_5uT6BgipgPxL9kN&Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web&t=1588870249617&Q_VSI=%7B%22SI_0kNWaKLIny6HAEt%22%3A%22DependencyResolver%22%7D&Q_DPR=true Requested by Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b74f1b5391ddcf0965ab6283ece2d53598ae07742efd706cf66f3cd31f2a46f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 07 May 2020 16:50:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin https://drt1-billing.cna.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 58fc71343b42cae4-ARN vary Accept-Encoding cf-request-id 0291a514a10000cae4702b4200000001
GET H2	200	PopOverModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	9 KB 3 KB	52ms 51ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/PopOverModule.js?Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web Requested by Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 244469 cf-polished origSize=10483 status 200 edge-control max-age=604800 vary Accept-Encoding cf-request-id 0291a515070000cae4702c1200000001 last-modified Mon, 27 Apr 2020 17:58:51 GMT server cloudflare x-powered-by Express etag W/"28f3-171bccaab78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 cf-ray 58fc7134dd5acae4-ARN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 665 B	1089ms 1022ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0kNWaKLIny6HAEt&Version=41&Q_ORIGIN=https://drt1-billing.cna.com&Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web Requested by Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 534295eb9810701f86f00a22b0052d976e5553675d83c639b71e5181fd7294b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 edge-control max-age=604800 vary Accept-Encoding cf-request-id 0291a5154a0000f1426f029200000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false cf-ray 58fc71354b0af142-ARN servershortname expires Sun, 05 May 2030 16:50:49 GMT
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	4 KB 2 KB	923ms 856ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_4HFjXyqyU9ztU7H&Version=3&Q_InterceptID=SI_0kNWaKLIny6HAEt&Q_ORIGIN=https://drt1-billing.cna.com&Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web Requested by Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d9d84c4d3680ce57ca17e6830689a696459c4b6c5e1c045f4616e0f565f6a90 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 edge-control max-age=604800 vary Accept-Encoding cf-request-id 0291a5154a0000f1426f02a200000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false cf-ray 58fc71354b0cf142-ARN servershortname expires Sun, 05 May 2030 16:50:49 GMT
GET H2	200	svg-close-btn-black-7.svg siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	1 KB 867 B	60ms 59ms	Image image/svg+xml	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/svg-close-btn-black-7.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 16:50:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-b3-traceid a488c79e8b33ea02 age 14560647 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 vary Accept-Encoding cf-request-id 0291a519570000cae470321200000001 last-modified Wed, 13 Nov 2019 00:06:48 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/svg+xml cache-control max-age=315360000 x-b3-spanid bd83dedd0826ce3f x-b3-sampled 0 cf-ray 58fc713bb9c2cae4-ARN servershortname expires Sun, 18 Nov 2029 04:13:23 GMT
POST H2	200	/ Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 353 B	593ms 592ms	XHR text/plain	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_4HFjXyqyU9ztU7H&Q_SIID=SI_0kNWaKLIny6HAEt&Q_ASID=AS_24013540&Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web&r=1588870250886 Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.25.1&Q_CLIENTTYPE=web Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 07 May 2020 16:50:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/plain; charset=UTF-8 access-control-allow-origin https://drt1-billing.cna.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 58fc713c2e87f142-ARN vary Accept-Encoding cf-request-id 0291a519960000f1426f0a4200000001

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| app object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| __rewire_reset_all__ object| __$$GLOBAL_REWIRE_REGISTRY__ function| AWAPI number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ function| jQuery function| vueRecaptchaApiLoaded function| saveAs boolean| ga-disable-UA-145248740-1 object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| QSI object| _qsie function| qsiRequestAnimationFrame

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			drt1-billing.cna.com/	1969-12-31 23:59:59	Name: _csrf Value: -vetQyzlnTTGeTbWgv7Q3ivY

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://drt1-billing.cna.com/vendor.js(Line 59221) Message: [vue-router] Named Route 'home' has a default child route. When navigating to this named route (:to="{name: 'home'"), the default child route will not be rendered. Remove the name from this route and use the name of the default child route for named links instead.
console-api	warning	URL: https://drt1-billing.cna.com/vendor.js(Line 59221) Message: [vue-router] Named Route 'login' has a default child route. When navigating to this named route (:to="{name: 'login'"), the default child route will not be rendered. Remove the name from this route and use the name of the default child route for named links instead.
console-api	warning	URL: https://drt1-billing.cna.com/vendor.js(Line 59221) Message: [vue-router] Named Route 'login' has a default child route. When navigating to this named route (:to="{name: 'login'"), the default child route will not be rendered. Remove the name from this route and use the name of the default child route for named links instead.
console-api	warning	URL: https://drt1-billing.cna.com/vendor.js(Line 59221) Message: [vue-router] Duplicate named routes definition: { name: "login", path: "/login" }
console-api	warning	URL: https://drt1-billing.cna.com/vendor.js(Line 59221) Message: [vue-router] Named Route 'user-info' has a default child route. When navigating to this named route (:to="{name: 'user-info'"), the default child route will not be rendered. Remove the name from this route and use the name of the default child route for named links instead.
console-api	info	URL: https://drt1-billing.cna.com/vendor.js(Line 44909) Message: You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api	log	URL: https://drt1-billing.cna.com/bundle.js(Line 11164) Message: error in retrieving URL
console-api	log	URL: https://drt1-billing.cna.com/bundle.js(Line 11165) Message: Error

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drt1-billing.cna.com
fonts.googleapis.com
siteintercept.qualtrics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com
104.17.208.240
159.10.3.219
2a00:1450:4001:815::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2008
01824810de8a3a7aa939a6a3bbdcd806d74de6e00f892408a9707448e515943f
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
106a3587ecd2273d4b4d044d3573260eade625c7db6959f133030c2a1b8cc866
10de7d69af358751d5f0146c012cf400cb2940c6dbdb7d624061e60914c48666
132b80c6ac331cfecc910352062385a8438bf8c977e208b1cee5b16479080f0f
1e3dc91239e99fd4a0fa8b1408bb1e8ee2a047a49ef014a193885461ce11c337
289183fb0e7b141480b40dbe84ede785fcf333ac2f734972f4b35eb8217d68e0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d9d84c4d3680ce57ca17e6830689a696459c4b6c5e1c045f4616e0f565f6a90
33524e170c361a5031c7404c1f07b4dd17955dfa116d0933154cfad164d37a94
3370cac91a63e0d1a4161f5da57e04e8c9c68f47ff01d8b4d14f24ed72372062
339fe872462cf4d5f274e26879519ebea6a4831a80f88d78a61b8b1b97d1767e
3a48ec9505004c8f03c095fb224b38987bb6dd1042f2c7fe0b406988996f1a0b
4db2acefd0b6072e0027a64710a21803b8916f3aaa4c0fb4bb723b38140c38cd
4fe09f81d15b223eb84fb7b7beed0e064a86b18814ad263628dad474edfe8d2f
534295eb9810701f86f00a22b0052d976e5553675d83c639b71e5181fd7294b3
6d8b35d04fee622cfe778a1b4aae605c56a85bdc4d1cc4c422545ce340242613
7b74f1b5391ddcf0965ab6283ece2d53598ae07742efd706cf66f3cd31f2a46f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1d2e612796c49625adf692bec3ce70acf347a7750f4f08f093d334f64615c3
9c8cd4863d6a9491a88bb130ff9477802b51869b5fe039bc8de881d2908d67ca
b02c2e279f3e5a1733717f9eb6c61d45572cf76b67d88e128db837b376bca1a4
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b49db210c4590505b0d48479efcdd9145356cb94f061721b27016912635e43d3
b5ef6625cc9039a744bc1797d1b515d6840ddd26ababf3531818404136223e29
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
fab80f5293be49445f70d263137dea96af316d3121b2f0826683e0efd2557daa