urlscan.io logo urlscan.io
SecurityTrails logo

billing.cna.com Open in urlscan Pro
159.10.132.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://billing.cna.com/
Effective URL: https://billing.cna.com/
Submission: On January 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 159.10.132.112, located in United States and belongs to CNA-INSURANCE, US. The main domain is billing.cna.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 9th 2023. Valid for: a year.
This is the only time billing.cna.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    159.10.132.112 (United States)

ASN23084 (CNA-INSURANCE, US)
billing.cna.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com
siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
16 cna.com
billing.cna.com
8 MB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
42 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
383 KB
3 qualtrics.com
zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 911
27 KB
1 gstatic.com
www.gstatic.com
204 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
34 7
Domain Requested by
16 billing.cna.com 1 redirects billing.cna.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
billing.cna.com
5 www.googletagmanager.com billing.cna.com
www.googletagmanager.com
www.google-analytics.com
3 region1.google-analytics.com www.googletagmanager.com
2 siteintercept.qualtrics.com zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1 zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com billing.cna.com
1 www.gstatic.com www.google.com
1 www.google.com billing.cna.com
1 fonts.googleapis.com billing.cna.com
34 9

This site contains links to these domains. Also see Links.

Domain
cna-external.okta.com
www.cna.com
Subject Issuer Validity Valid
billing.cna.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-09 -
2024-06-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://billing.cna.com/
Frame ID: 4118E92237D01006CB5E97D6AB46C165
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CNA Bill Pay

Page URL History Show full URLs

  1. http://billing.cna.com/ HTTP 302
    https://billing.cna.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

8431 kB
Transfer

10139 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://billing.cna.com/ HTTP 302
    https://billing.cna.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
billing.cna.com/
Redirect Chain
  • http://billing.cna.com/
  • https://billing.cna.com/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
e7f0b71385311eb6625e16de68a5f860f5ddbac3bec61808969ed8765e3c0fa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Jan 2024 00:11:58 GMT
Expires
0
P3P
CP=HONK
Pragma
no-cache
Referrer-Policy
same-origin
Server
Access Gateway
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=15768000
Surrogate-Control
no-store
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
DENY
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
x-oag-host
b629f87e6611b1f42de92dff70c18f427ed0b1b72ff11e418584db42161b7914

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://billing.cna.com/
Server
BigIP
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,700,900
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c94ea5f8079356ef22bd0cf6b151973832f15cf4b6e0eb40c8af229f558b6f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 00:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:29:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 00:29:37 GMT
bundle.css
billing.cna.com/ 		705 KB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/bundle.css
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
07b6e0aa807c592a76372162adc4cfc89e1123b9880d0b457572d96fb25d811d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:11:59 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
b629f87e6611b1f42de92dff70c18f427ed0b1b72ff11e418584db42161b7914
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=36000
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145248740-1
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68947c2cd173b6da99c4773ad69960db078469faf7bab296a5079dfd081cfba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69397
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jan 2024 00:29:38 GMT
vendor.js
billing.cna.com/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/vendor.js
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
8235c452e5a3693f4d0e9410764b752d81dca2d1098b2b9fac7be8b64a417fe1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
38c6a12c250ecaf619f33c6a88a08f86d09bd5cc4a255389b7686d1d596bb230
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
3682301
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
bundle.js
billing.cna.com/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/bundle.js
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
d34ed7e83a9feffe487b1c663e4088f9a3528ff6b2569d8897a83d10a387640d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
f5e1f199e5a3975fb7505f1132de23b40a9daba177d9c32cf7d7bd6bec2657fb
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
3073814
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
305e36355fa578e34b87a3880dbba72a6b5d09f00b292b8b2c434e0cb53e878c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 00:29:38 GMT
gtm.js
www.googletagmanager.com/ 		194 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGQ5C6V
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ead96ded012baf42c962481dba962bb4b7a851ac429dd112e033a0109a5c6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71358
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jan 2024 00:29:38 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DJF78TG2QK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145248740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
319961133f06684f0e12b96817a780a3e98dedacefa4fafcbb7f838aff359049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81632
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 00:29:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145248740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 23:48:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2483
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jan 2024 01:48:15 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G9SMF8G8N5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGQ5C6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3953a082ec9e76e94a5c8f74dd55be5f8e4c734b7a469c8e96171b590bfbd9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85967
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 00:29:38 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1174549434&t=pageview&_s=1&dl=https%3A%2F%2Fbilling.cna.com%2F&ul=en-us&de=UTF-8&dt=CNA%20Bill%20Pay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=302646098&gjid=601203951&cid=1756898604.1705105778&tid=UA-145248740-1&_gid=1938092770.1705105778&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1248405517
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 00:29:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing.cna.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1174549434&t=pageview&_s=1&dl=https%3A%2F%2Fbilling.cna.com%2F&ul=en-us&de=UTF-8&dt=CNA%20Bill%20Pay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=275180933&gjid=888847691&cid=1756898604.1705105778&tid=UA-145248740-1&_gid=1938092770.1705105778&_r=1&_slc=1&gtm=45He41a0n81WGQ5C6Vv812623323&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1849582377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7660cfd19d1d124278f706439981c65bc7edff5ccf0c4d5b631a8ea1c0eaac5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 00:29:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing.cna.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DJF78TG2QK&gtm=45je41a0v9125952823&_p=1705105778075&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1756898604.1705105778&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705105778&sct=1&seg=0&dl=https%3A%2F%2Fbilling.cna.com%2F&dt=CNA%20Bill%20Pay&en=page_view&_fv=1&_ss=1&tfd=1673
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DJF78TG2QK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 00:29:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing.cna.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DJF78TG2QK&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8211eec927b8feae84613c541dfdcee0ae1a65c32bf1113c33c4b957fe39077a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83396
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 00:29:38 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G9SMF8G8N5&gtm=45je41a0v879432411z8812623323&_p=1705105778075&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1756898604.1705105778&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705105778&sct=1&seg=0&dl=https%3A%2F%2Fbilling.cna.com%2F&dt=CNA%20Bill%20Pay&en=page_view&_fv=1&_ss=1&tfd=1690
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G9SMF8G8N5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 00:29:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing.cna.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 23:48:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2486
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jan 2024 01:48:15 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
132b80c6ac331cfecc910352062385a8438bf8c977e208b1cee5b16479080f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
carousal_lg_img1-3a5afee4476584078116640b77883f5f.jpg
billing.cna.com/img/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_lg_img1-3a5afee4476584078116640b77883f5f.jpg
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
7bff392d823a226f0213ea738674a3c1ac2af439e07299dfa72d4001e9fe2706
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
38c6a12c250ecaf619f33c6a88a08f86d09bd5cc4a255389b7686d1d596bb230
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
67892
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_lg_img2-f1f27c191b0d40d1bbe73c6c990c5741.png
billing.cna.com/img/ 		367 KB
368 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_lg_img2-f1f27c191b0d40d1bbe73c6c990c5741.png
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
01824810de8a3a7aa939a6a3bbdcd806d74de6e00f892408a9707448e515943f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
f5e1f199e5a3975fb7505f1132de23b40a9daba177d9c32cf7d7bd6bec2657fb
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
376085
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_lg_img3-6dd7f5b6dc2490d027b8d6633224fd6e.jpg
billing.cna.com/img/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_lg_img3-6dd7f5b6dc2490d027b8d6633224fd6e.jpg
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
51ca2a369f6dc25dfa4ba4c413daabb0a5d44ac9b2a59487367d806ae4481f52
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:12:03 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
b629f87e6611b1f42de92dff70c18f427ed0b1b72ff11e418584db42161b7914
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
49714
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_lg_img4-057fc42612680597d3b8162ae1c5b168.jpg
billing.cna.com/img/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_lg_img4-057fc42612680597d3b8162ae1c5b168.jpg
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
9f18f513e0a574f6859bdf6c4cdc23cf95c1b085c00e1e759bb91a60befd7bb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
f5e1f199e5a3975fb7505f1132de23b40a9daba177d9c32cf7d7bd6bec2657fb
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
52718
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_md_img1-9952799653a972ba8d9d90a8702305f7.jpg
billing.cna.com/img/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_md_img1-9952799653a972ba8d9d90a8702305f7.jpg
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
445e5d5313a281160b332e92ccdfd6689e91b53260c0923ed2c442a51473810f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:12:03 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
b629f87e6611b1f42de92dff70c18f427ed0b1b72ff11e418584db42161b7914
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
57621
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_md_img2-536c3dc4d341e14e20198f26a9b15589.png
billing.cna.com/img/ 		263 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_md_img2-536c3dc4d341e14e20198f26a9b15589.png
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
b49db210c4590505b0d48479efcdd9145356cb94f061721b27016912635e43d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
f5e1f199e5a3975fb7505f1132de23b40a9daba177d9c32cf7d7bd6bec2657fb
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
269102
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_md_img3-996f273a3187c863d3408020b1b441a8.jpg
billing.cna.com/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_md_img3-996f273a3187c863d3408020b1b441a8.jpg
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
aeb06207b10172ff7e41deb8f2e8a852b6b0e475bd4a8abc9801218904d75ff6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:12:04 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
b629f87e6611b1f42de92dff70c18f427ed0b1b72ff11e418584db42161b7914
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
39663
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
carousal_md_img4-913c94f0d0406d8ead501163ec7675ad.jpg
billing.cna.com/img/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billing.cna.com/img/carousal_md_img4-913c94f0d0406d8ead501163ec7675ad.jpg
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
2f50645b35a60ad22d3ff5260d48aa20984a7faaf0b60df8cadc4d8bc77a3206
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://billing.cna.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
38c6a12c250ecaf619f33c6a88a08f86d09bd5cc4a255389b7686d1d596bb230
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
40252
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
okta-lookup
billing.cna.com/api/ 		52 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/api/okta-lookup
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
fc4c5c6a30b2afd38cef643fa04eb64248dd2a30261931230bc3a8d99fd30df3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://billing.cna.com/
x-csrf-token
rWc1UKp8-5BqxT425IaHsAWU8YkkobXCqcuM
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
f5e1f199e5a3975fb7505f1132de23b40a9daba177d9c32cf7d7bd6bec2657fb
Surrogate-Control
no-store
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
52
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
same-origin
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
X-Robots-Tag
none
Expires
0
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
AvenirLTW01-45Book.ttf
billing.cna.com/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/fonts/AvenirLTW01-45Book.ttf
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
33524e170c361a5031c7404c1f07b4dd17955dfa116d0933154cfad164d37a94
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing.cna.com/
Origin
https://billing.cna.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:12:03 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
b629f87e6611b1f42de92dff70c18f427ed0b1b72ff11e418584db42161b7914
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
36424
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
application/x-font-ttf
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
fontawesome-webfont.woff2
billing.cna.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://billing.cna.com/fonts/fontawesome-webfont.woff2
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/bundle.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.10.132.112 , United States, ASN23084 (CNA-INSURANCE, US),
Reverse DNS
Software
Access Gateway /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billing.cna.com/bundle.css
Origin
https://billing.cna.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 00:29:42 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=15768000
X-Content-Type-Options
nosniff
x-oag-host
38c6a12c250ecaf619f33c6a88a08f86d09bd5cc4a255389b7686d1d596bb230
X-DNS-Prefetch-Control
off
P3P
CP=HONK
Connection
keep-alive
Content-Length
77160
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 20 Nov 2023 05:24:59 GMT
Server
Access Gateway
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
application/font-woff2
Cache-Control
public, max-age=36000
Accept-Ranges
bytes
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		506 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://billing.cna.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207845
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:29:43 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1174549434&t=pageview&_s=1&dl=https%3A%2F%2Fbilling.cna.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=CNA%20Bill%20Pay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEHAAUABAAAAACAAI~&jid=696621110&gjid=1119095683&cid=1756898604.1705105778&tid=UA-145248740-1&_gid=1938092770.1705105778&_r=1&z=402678689
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 00:29:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing.cna.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G9SMF8G8N5&gtm=45je41a0v879432411&_p=1705105778075&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1756898604.1705105778&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705105778&sct=1&seg=0&dl=https%3A%2F%2Fbilling.cna.com%2F&dt=CNA%20Bill%20Pay&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6693
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G9SMF8G8N5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 00:29:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://billing.cna.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN
Requested by
Host: billing.cna.com
URL: https://billing.cna.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9592fe86b5b1d03730d6e5bc9e6a0b54d0c19f2b1aa988da1086e1d6c5f1ed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"23c3-bfOkoxrVOV5EQK7ba+zXTToI4oM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
844986cfdae037ef-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
12.8285009719db95e12baa.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.8285009719db95e12baa.chunk.js?Q_CLIENTVERSION=1.105.0&Q_CLIENTTYPE=web&Q_BRANDID=billing.cna.com
Requested by
Host: zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com
URL: https://zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5uT6BgipgPxL9kN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5e199dab14ebe86bfc678580fae3f235d6e06aed3e5f3598948613e4298730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
269497
cf-polished
origSize=75119
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 Jan 2024 18:18:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"1256f-18cea4c09c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
844986d0cb6e37ef-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		1 KB
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_5uT6BgipgPxL9kN&Q_CLIENTVERSION=1.105.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8285009719db95e12baa.chunk.js?Q_CLIENTVERSION=1.105.0&Q_CLIENTTYPE=web&Q_BRANDID=billing.cna.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e0a3f75bdbc35ce5ab5c0b2e4cc62bd16fef17291b04b47e25bb3d0671af31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 13 Jan 2024 00:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://billing.cna.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
5cedd8482a23bab0
cf-ray
844986d0fb8237ef-FRA
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| app object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| __rewire_reset_all__ object| __$$GLOBAL_REWIRE_REGISTRY__ function| AWAPI number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ function| jQuery function| saveAs function| vueRecaptchaApiLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| ga-disable-UA-145248740-1 object| recaptcha object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.105.0 object| _qsie

11 Cookies

Domain/Path Name / Value
billing.cna.com/ Name: _csrf
Value: -6lzr-YSlvdsBNhW2_0qYeE6
.cna.com/ Name: _gid
Value: GA1.2.1938092770.1705105778
.cna.com/ Name: _gat_gtag_UA_145248740_1
Value: 1
.billing.cna.com/ Name: _ga
Value: GA1.3.1756898604.1705105778
.billing.cna.com/ Name: _gid
Value: GA1.3.1938092770.1705105778
.billing.cna.com/ Name: _gat_UA-145248740-1
Value: 1
.cna.com/ Name: _ga_DJF78TG2QK
Value: GS1.1.1705105778.1.0.1705105778.0.0.0
.cna.com/ Name: _ga_G9SMF8G8N5
Value: GS1.1.1705105778.1.0.1705105778.0.0.0
.cna.com/ Name: _ga
Value: GA1.2.1756898604.1705105778
.cna.com/ Name: _gat
Value: 1
billing.cna.com/ Name: connect.sid
Value: s%3Af850087a-93c7-426b-a978-e99dce6bf8b3.64ij5Q5U45Dv%2FESBaKhojthXVb%2FRsj8FMTYIikMQX%2Bk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billing.cna.com
fonts.googleapis.com
region1.google-analytics.com
siteintercept.qualtrics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
zn5ut6bgipgpxl9kn-cna.siteintercept.qualtrics.com
104.17.208.240
159.10.132.112
2001:4860:4802:32::36
2a00:1450:4001:810::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
01824810de8a3a7aa939a6a3bbdcd806d74de6e00f892408a9707448e515943f
07b6e0aa807c592a76372162adc4cfc89e1123b9880d0b457572d96fb25d811d
132b80c6ac331cfecc910352062385a8438bf8c977e208b1cee5b16479080f0f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f50645b35a60ad22d3ff5260d48aa20984a7faaf0b60df8cadc4d8bc77a3206
305e36355fa578e34b87a3880dbba72a6b5d09f00b292b8b2c434e0cb53e878c
319961133f06684f0e12b96817a780a3e98dedacefa4fafcbb7f838aff359049
33524e170c361a5031c7404c1f07b4dd17955dfa116d0933154cfad164d37a94
3ead96ded012baf42c962481dba962bb4b7a851ac429dd112e033a0109a5c6aa
445e5d5313a281160b332e92ccdfd6689e91b53260c0923ed2c442a51473810f
46e0a3f75bdbc35ce5ab5c0b2e4cc62bd16fef17291b04b47e25bb3d0671af31
51ca2a369f6dc25dfa4ba4c413daabb0a5d44ac9b2a59487367d806ae4481f52
68947c2cd173b6da99c4773ad69960db078469faf7bab296a5079dfd081cfba9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7660cfd19d1d124278f706439981c65bc7edff5ccf0c4d5b631a8ea1c0eaac5b
7bff392d823a226f0213ea738674a3c1ac2af439e07299dfa72d4001e9fe2706
8211eec927b8feae84613c541dfdcee0ae1a65c32bf1113c33c4b957fe39077a
8235c452e5a3693f4d0e9410764b752d81dca2d1098b2b9fac7be8b64a417fe1
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
9c94ea5f8079356ef22bd0cf6b151973832f15cf4b6e0eb40c8af229f558b6f3
9f18f513e0a574f6859bdf6c4cdc23cf95c1b085c00e1e759bb91a60befd7bb5
aeb06207b10172ff7e41deb8f2e8a852b6b0e475bd4a8abc9801218904d75ff6
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b49db210c4590505b0d48479efcdd9145356cb94f061721b27016912635e43d3
d34ed7e83a9feffe487b1c663e4088f9a3528ff6b2569d8897a83d10a387640d
da5e199dab14ebe86bfc678580fae3f235d6e06aed3e5f3598948613e4298730
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3953a082ec9e76e94a5c8f74dd55be5f8e4c734b7a469c8e96171b590bfbd9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0b71385311eb6625e16de68a5f860f5ddbac3bec61808969ed8765e3c0fa4
f9592fe86b5b1d03730d6e5bc9e6a0b54d0c19f2b1aa988da1086e1d6c5f1ed9
fc4c5c6a30b2afd38cef643fa04eb64248dd2a30261931230bc3a8d99fd30df3