americanfidelity.staging.boldin.com Open in urlscan Pro
52.8.58.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://americanfidelity.staging.boldin.com/
Effective URL:
https://americanfidelity.staging.boldin.com/auth/sign-in
Submission: On August 29 via api (August 29th 2024, 3:21:57 pm UTC) from US — Scanned from US

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 49 HTTP transactions. The main IP is 52.8.58.237, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is americanfidelity.staging.boldin.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 6th 2024. Valid for: a year.

This is the only time americanfidelity.staging.boldin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 37	52.8.58.237 52.8.58.237	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
3	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	108.139.29.40 108.139.29.40	16509 (AMAZON-02) (AMAZON-02)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.192.2 52.219.192.2	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1	18.164.124.57 18.164.124.57	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
49	10

37 52.8.58.237 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-58-237.us-west-1.compute.amazonaws.com

americanfidelity.staging.boldin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

ga.jspm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-40.jfk50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.192.2 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com

nr-rails-staging.s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-57.jfk50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	boldin.com 2 redirects americanfidelity.staging.boldin.com	313 KB
3	jspm.io ga.jspm.io — Cisco Umbrella Rank: 65089	504 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	171 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	156 KB
1	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 4912	464 B
1	amazonaws.com nr-rails-staging.s3.us-west-1.amazonaws.com	22 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	15 KB
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4671	18 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 7016	2 KB
49	10

	Domain	Requested by
37	americanfidelity.staging.boldin.com	2 redirects americanfidelity.staging.boldin.com
3	ga.jspm.io	americanfidelity.staging.boldin.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	americanfidelity.staging.boldin.com www.googletagmanager.com
2	cdn.jsdelivr.net	americanfidelity.staging.boldin.com
1	consent.trustarc.com	www.googletagmanager.com
1	nr-rails-staging.s3.us-west-1.amazonaws.com	americanfidelity.staging.boldin.com
1	cdnjs.cloudflare.com	americanfidelity.staging.boldin.com
1	cdn.amplitude.com	americanfidelity.staging.boldin.com
1	js.sentry-cdn.com	americanfidelity.staging.boldin.com
49	10

This site contains links to these domains. Also see Links.

Domain
amfidelitystag.wpengine.com

Subject Issuer	Validity	Valid
*.staging.boldin.com Amazon RSA 2048 M03	`2024-08-06` - `2025-09-04`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
ga.jspm.io GlobalSign RSA OV SSL CA 2018	`2023-08-30` - `2024-09-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://americanfidelity.staging.boldin.com/auth/sign-in
Frame ID: 5D5B3FCA88B4BE78AA9DBF4F1C421982
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In | Boldin

Page URL History Show full URLs

https://americanfidelity.staging.boldin.com/ HTTP 301
http://americanfidelity.staging.boldin.com/auth/sign-in HTTP 307
https://americanfidelity.staging.boldin.com/auth/sign-in Page URL

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

/semantic(?:-([\d.]+))?(?:\.min)?\.js

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

49
Requests

98 %
HTTPS

40 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

1198 kB
Transfer

3403 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://amfidelitystag.wpengine.com/
Title: Back to American Fidelity

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://americanfidelity.staging.boldin.com/ HTTP 301
http://americanfidelity.staging.boldin.com/auth/sign-in HTTP 307
https://americanfidelity.staging.boldin.com/auth/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://americanfidelity.staging.boldin.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsiZGF0YSI6OTYzLCJwdXIiOiJibG9iX2lkIn19--ff0975a2a55b321c954b3e3cad75ca6f5bd5f180/americanfidelity-logo.svg HTTP 302
https://nr-rails-staging.s3.us-west-1.amazonaws.com/4b9sskzh820u3d6xh2tvqdlqgvsz

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign-in Show response
americanfidelity.staging.boldin.com/auth/
Redirect Chain

https://americanfidelity.staging.boldin.com/
http://americanfidelity.staging.boldin.com/auth/sign-in
https://americanfidelity.staging.boldin.com/auth/sign-in

21 KB
22 KB

216ms
213ms

Document
text/html

52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

b04781e71d45ca3584d8c2507a33eb81846f31c8a1eeadc7f896ae5cd4fb587f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0 0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 21208
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 15:21:48 GMT
etag: W/"b04781e71d45ca3584d8c2507a33eb81"
link: </rails/assets/user-d88d4fc18147a2e6f7519872a321c44631438dcaf775d491d1843e5d46b0f27d.css>; rel=preload; as=style; nopush,</rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css>; rel=preload; as=style; nopush,</rails/assets/inter-font-344b6db4de8b0993b39f6f44f0a6ae6bcb497792cbf7854968cc1febe7fee5bf.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 44
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 64e977cb-f53b-45be-8f50-30843ece89fe
x-runtime: 0.039916
x-xss-protection: 0 0

Redirect headers

Location: https://americanfidelity.staging.boldin.com/auth/sign-in
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 user-d88d4fc18147a2e6f7519872a321c44631438dcaf775d491d1843e5d46b0f27d.css
americanfidelity.staging.boldin.com/rails/assets/ 448 B
2 KB 136ms
105ms Stylesheet
text/css 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/user-d88d4fc18147a2e6f7519872a321c44631438dcaf775d491d1843e5d46b0f27d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

1dd0c799ec0650df9c4a9717cb0f3014f5ae42a63000eb37314c60626b363e7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: accept-encoding, Origin
content-type: text/css
x-envoy-upstream-service-time: 3
content-length: 313
x-xss-protection: 0

GET
H2 200 tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css
americanfidelity.staging.boldin.com/rails/assets/ 33 KB
9 KB 133ms
103ms Stylesheet
text/css 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

477860d4f81f40ac564a0ae2fd2a4b1aeb36f6f16c93eee848ccfad33586e2cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: accept-encoding, Origin
content-type: text/css
x-envoy-upstream-service-time: 2
content-length: 7623
x-xss-protection: 0

GET
H2 200 inter-font-344b6db4de8b0993b39f6f44f0a6ae6bcb497792cbf7854968cc1febe7fee5bf.css
americanfidelity.staging.boldin.com/rails/assets/ 9 KB
3 KB 133ms
104ms Stylesheet
text/css 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/inter-font-344b6db4de8b0993b39f6f44f0a6ae6bcb497792cbf7854968cc1febe7fee5bf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

566e1f9a2522f4b84afd9ffe817ac56e225d2b4e39de53d04784de8a52270bd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:10 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: accept-encoding, Origin
content-type: text/css
x-envoy-upstream-service-time: 4
content-length: 1612
x-xss-protection: 0

GET
H2 200 07e29a4ee58044c2b9b32aaec559a387.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 428ms
57ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/07e29a4ee58044c2b9b32aaec559a387.min.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

779e9255f88db83c8d8b2831f8f97361b736c0b43fa1b051d531472b30ac9a0a

Security Headers

Name	Value
Content-Security-Policy	media-src ; object-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; worker-src blob:; img-src blob: data:; base-uri 'none'; font-src * data:; style-src * 'unsafe-inline'; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=42f6ee533a2e3ce2f0a3e21cf9176104d645c2c5
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: media-src *; object-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; worker-src blob:; img-src * blob: data:; base-uri 'none'; font-src * data:; style-src * 'unsafe-inline'; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=42f6ee533a2e3ce2f0a3e21cf9176104d645c2c5
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Aug 2024 15:21:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 144
x-envoy-upstream-service-time: 33
content-length: 1281
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-59bdfbc5d8-2spvf, cache-chi-kigq8000149-CHI, cache-bur-kbur8200021-BUR
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 application-fce7802de730f7ff384a05cf4a5dd41fbd3e4565769a8d96fe7e2de3134ed85c.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 170 B
1 KB 210ms
178ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/application-fce7802de730f7ff384a05cf4a5dd41fbd3e4565769a8d96fe7e2de3134ed85c.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

06074fed64471722266b6a3c44270b0bb01a9f5879df42c722adaee6ae6f5ed7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 5
content-length: 145
x-xss-protection: 0

GET
H2 200 turbo.min-fe5e4e6d9d4748b578bd63f3463b897100652807f454ac962467dd9a63d59e56.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 99 KB
28 KB 207ms
175ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/turbo.min-fe5e4e6d9d4748b578bd63f3463b897100652807f454ac962467dd9a63d59e56.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

608cad874435e8c30b65d8d39e78bcfe1d1a5a8eb72f342254d695049f77d5fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:10 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 3
content-length: 27369
x-xss-protection: 0

GET
H2 200 stimulus.min-80dbe4ef472aa4590ac97ce562fcde790d030c35173baf245b2a846f58458b9c.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 45 KB
12 KB 220ms
188ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/stimulus.min-80dbe4ef472aa4590ac97ce562fcde790d030c35173baf245b2a846f58458b9c.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

0da6fc0dcf55a01da3a85ee1ab62193d7568c5249f08c0e5ae9237168589c29b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:10 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 9
content-length: 11069
x-xss-protection: 0

GET
H2 200 stimulus-loading-3576ce92b149ad5d6959438c6f291e2426c86df3b874c525b30faad51b0d96b3.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 3 KB
2 KB 131ms
100ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/stimulus-loading-3576ce92b149ad5d6959438c6f291e2426c86df3b874c525b30faad51b0d96b3.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

d80f0feea68692981b568bbfef0ed4370b56927ae5c663421e8461a466f0618f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:10 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 3
content-length: 1024
x-xss-protection: 0

GET
H2 200 rails-ujs.js Show response
ga.jspm.io/npm:@rails/ujs@6.1.5/lib/assets/compiled/ 14 KB
4 KB 703ms
330ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.jspm.io/npm:@rails/ujs@6.1.5/lib/assets/compiled/rails-ujs.js
Requested by: Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 6c71f976810d6657e5f2a5ce272e7250b8b7bb1ef27c513589578b88fd7b1de9

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
x-cf-tsc: 1724626892
content-encoding: br
x-cf3: M
x-amz-cf-pop: SFO53-P1
cf4ttl: 604800.000
x-cf1: 29674:fM.lax1:co:1724626766:cacheN.lax1-01:H
x-cf-reqid: dfc55827c64a7e04ab2ff4f8d4b5508f
cross-origin-resource-policy: cross-origin
content-length: 3838
x-cf2: H
last-modified: Thu, 10 Mar 2022 21:39:59 GMT
server: CFS 1124
x-cff: B
etag: "1e5ede649d094c3d40af299775dba1be"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000, s-maxage=604800, immutable
cf4age: 0
accept-ranges: bytes
x-amz-cf-id: 7W51bdZIGNOMyv_Zrf06eD8iiUyd6-r-0y_vltRgh7IpvKt6BdOiFw==
expires: Sun, 01 Sep 2024 23:01:31 GMT

GET
H2 200 jquery.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 282 KB
87 KB 294ms
101ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Aug 2024 15:21:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2985546
x-jsd-version: 3.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 88550
x-served-by: cache-fra-eddf8230035-FRA, cache-bur-kbur8200055-BUR
x-jsd-version-type: version
etag: W/"46744-rzL3BkB6sI+ADF5pfM6SRm5zWEc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 semantic.min.js Show response
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/ 269 KB
69 KB 313ms
121ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a04a8582f70e7036623568df1d20c2bee833de95412dbc3afe05cda6ff4371f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Aug 2024 15:21:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1078131
x-jsd-version: 2.4.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70398
x-served-by: cache-fra-etou8220046-FRA, cache-bur-kbur8200055-BUR
x-jsd-version-type: version
etag: W/"43512-PR9QEjcC6Nc1PZjwS12BntUL6DY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics-browser-2.3.5-min.js.gz Show response
cdn.amplitude.com/libs/ 63 KB
18 KB 875ms
481ms Script
application/javascript 108.139.29.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-2.3.5-min.js.gz
Requested by: Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-40.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8588411229a774e04d2202faf179cacd3dfc32adbf18dad2cd1643a91c4166f5

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:50 GMT
content-encoding: gzip
via: 1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
x-amz-version-id: vRr8VZ3CEAuTRni5.PzngQ11tjBt13ew
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 17456
last-modified: Thu, 16 Nov 2023 19:24:06 GMT
server: AmazonS3
etag: "184b553d8c6a05efa382098b6ee620fb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: LkYm3-TzePkRA2JD_8uvxs5Rzi25qCVB3f34WBLyeYFyvUf0SE8btQ==

GET
H2 200 all.js Show response
ga.jspm.io/npm:@fortawesome/fontawesome-free@6.1.1/js/ 2 MB
498 KB 448ms
79ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.jspm.io/npm:@fortawesome/fontawesome-free@6.1.1/js/all.js
Requested by: Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: c4db3c014d654436fbb97312e46fe5e89cd0bf76431662873deae7e204929567

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
x-cf-tsc: 1724626892
content-encoding: br
x-cf3: H
x-amz-cf-pop: SFO53-P1
cf4ttl: 604779.000
x-cf1: 29674:fM.lax1:co:1724626766:cacheN.lax1-01:H
x-cf-reqid: ada013119c790889e07305f54f4ce647
cross-origin-resource-policy: cross-origin
content-length: 509125
x-cf2: H
last-modified: Tue, 22 Mar 2022 17:12:16 GMT
server: CFS 1124
x-cff: B
etag: "e839f159c4fe5762e71469890fa00eb1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000, s-maxage=604800, immutable
cf4age: 21
accept-ranges: bytes
x-amz-cf-id: BS3Hm5-NFHaFhiAGDphoyKR3rOsRVLsxhEsqX18M7SccN0mOnSBH3w==
expires: Sun, 01 Sep 2024 23:00:31 GMT

GET
H2 200 chartkick-8eb76e6cbdb540d495739fce84049fd038e59e7fd55c9e08e47b0b5a74b62db4.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 70 KB
16 KB 200ms
173ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/chartkick-8eb76e6cbdb540d495739fce84049fd038e59e7fd55c9e08e47b0b5a74b62db4.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

ca375b755153082eaea7b71f18be96e60b898a9ed70977b8ac17162645ef7f18

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:10 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 8
content-length: 15050
x-xss-protection: 0

GET
H2 200 user-1686568408d4558c3831624a85b406dd29739c7faef31be08dca0daf1c88e7ab.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 140 B
1 KB 217ms
191ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/user-1686568408d4558c3831624a85b406dd29739c7faef31be08dca0daf1c88e7ab.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

518b9f87454145a7f129b43a77a1704db10bd2bd91eaa270b6ba0a68623c2958

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 8
content-length: 117
x-xss-protection: 0

GET
H2 200 admin-2c3f46197e70740bace075351d52464276f18c8278ff2ad947a5ae85698f3f41.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 158 B
1 KB 204ms
178ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/admin-2c3f46197e70740bace075351d52464276f18c8278ff2ad947a5ae85698f3f41.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

6222e85cd1caf0a49369fc3402954c21e5dc4955014991ac2bf72bce3d4c17c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:48 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 5
content-length: 126
x-xss-protection: 0

GET
H2 200 tenant_admin-6468a764f3d8e5b097b03ea3fa9fbc35b5a7f5a85cd678ec1550dd70797f1032.js Show response
americanfidelity.staging.boldin.com/rails/assets/ 623 B
2 KB 222ms
197ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/tenant_admin-6468a764f3d8e5b097b03ea3fa9fbc35b5a7f5a85cd678ec1550dd70797f1032.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

e1597fbd6741a816eec2999a6faf8bbe8905621f3760c5658c5c3d9dc51973ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 6
content-length: 281
x-xss-protection: 0

GET
H2 200 semantic-ui-helper-97442974f0804f6d6f0dc62b9f9fa217372d505a1917b8f6fcc64d506eaa9117.js Show response
americanfidelity.staging.boldin.com/rails/assets/utils/ 1 KB
2 KB 233ms
211ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/utils/semantic-ui-helper-97442974f0804f6d6f0dc62b9f9fa217372d505a1917b8f6fcc64d506eaa9117.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

008236a5353ce6236a1bbef2b824621c26ea99293c10f0c8bf1a724f7923bf82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 6
content-length: 545
x-xss-protection: 0

GET
H3 200 flowbite.turbo.min.js Show response
cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/ 82 KB
15 KB 225ms
113ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/flowbite.turbo.min.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6095524f5b4a4e67d4855ff52baf36f95c4b9a77cad4e4d3c5ae00763dcf0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 60351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14362
last-modified: Wed, 14 Feb 2024 15:31:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65ccdcb4-381a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FpFVBfsscLD6Ga4CxL9sKRBHN2ikxMDOAQDRyRgloojZWTPrBuGcqwL6OH5Spuoe3uFZBg%2F%2FBIpbpQRTppdX5Nec8kSiHY%2BXC19y1AfK02soZ7LFPB6pnr%2Fef4UJqZgmRt2Skvc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bad88714b7b1736-SJC
expires: Tue, 19 Aug 2025 15:21:49 GMT

GET
H2 200 stimulus-character-counter.mjs Show response
ga.jspm.io/npm:@stimulus-components/character-counter@5.0.0/dist/ 838 B
951 B 692ms
329ms Script
text/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.jspm.io/npm:@stimulus-components/character-counter@5.0.0/dist/stimulus-character-counter.mjs
Requested by: Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 31a7ba03d608c3ca6fbcc14839f16c76c51d3418c42ab6b19173f7baa8dbd04b

Request headers

Referer: https://americanfidelity.staging.boldin.com/
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
x-cf-tsc: 1724626892
content-encoding: br
x-cf3: M
x-amz-cf-pop: SFO53-P1
cf4ttl: 604800.000
x-cf1: 29674:fM.lax1:co:1724626766:cacheN.lax1-01:H
x-cf-reqid: a1236548199c411315f3addc84e84691
cross-origin-resource-policy: cross-origin
content-length: 370
x-cf2: H
last-modified: Tue, 27 Feb 2024 08:14:48 GMT
server: CFS 1124
x-cff: B
etag: "220b878d663dc32ecefb06f389f5b611"
content-type: text/javascript; charset=utf-8
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000, s-maxage=604800, immutable
cf4age: 0
accept-ranges: bytes
x-amz-cf-id: Hp8IlWUF1aqI-0pTGJGUPVsGM_5yiJy1j-DXcwkK4zCFvnk1hTaypg==
expires: Sun, 01 Sep 2024 23:01:31 GMT

GET
H2 200 postArrival-d66785428011f2d3f201f7b689963514bdde348f442fc4f141225394df1cfb9b.js Show response
americanfidelity.staging.boldin.com/rails/assets/helpers/ 984 B
2 KB 217ms
198ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/helpers/postArrival-d66785428011f2d3f201f7b689963514bdde348f442fc4f141225394df1cfb9b.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

cbcc4135bd575999d4fd2e525277572cf4e120e2e692fb18892f47fbf28e12d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 6
content-length: 505
x-xss-protection: 0

GET
H2 200 postEventTrack-50d7ec29cbde8be561a5deaeaf4e9df32dca3477b74ce712cdd338244943307b.js Show response
americanfidelity.staging.boldin.com/rails/assets/helpers/ 640 B
2 KB 220ms
200ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/helpers/postEventTrack-50d7ec29cbde8be561a5deaeaf4e9df32dca3477b74ce712cdd338244943307b.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

3f69625f4a0a56519359255f0e009994923b81c7b6918a684e8bab52e52c2bea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 6
content-length: 389
x-xss-protection: 0

GET
H2 200 fpe_forecast_controller-c0e56055c8192ceefe7b7e30fab02d939b9a3cc4078356ecdf0cfd0ed16b456f.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/admin/ 3 KB
2 KB 225ms
206ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/admin/fpe_forecast_controller-c0e56055c8192ceefe7b7e30fab02d939b9a3cc4078356ecdf0cfd0ed16b456f.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

29904d324ef1a7cef6d861e20e2d4024e136854da0c073aa7496e8c137bb8f17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 5
content-length: 952
x-xss-protection: 0

GET
H2 200 jwt_controller-582e69b772afcb9cb0e83c80195fc9ad5141f06c945f4510dddec9c105812c39.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/admin/ 863 B
2 KB 220ms
203ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/admin/jwt_controller-582e69b772afcb9cb0e83c80195fc9ad5141f06c945f4510dddec9c105812c39.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

b111b5e1c0d1ed414c17eb10981fad5af986ca6e8880c0296bcc289cdd508913

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 4
content-length: 356
x-xss-protection: 0

GET
H2 200 sankey_controller-ee895528a5340b2d8946a66fb59de32e387e671b923b3596488b613c405e2304.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/admin/ 781 B
2 KB 245ms
229ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/admin/sankey_controller-ee895528a5340b2d8946a66fb59de32e387e671b923b3596488b613c405e2304.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

4f4804d00bb838f958c0f5640031d69611b04391f8edcd31cac528b7ffc50af2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 8
content-length: 408
x-xss-protection: 0

GET
H2 200 tenants_controller-4ccc0e1f82e48aab69be03b09b766d4b06954bc88ee55846f56017cfe140e4ae.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/admin/ 556 B
2 KB 224ms
208ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/admin/tenants_controller-4ccc0e1f82e48aab69be03b09b766d4b06954bc88ee55846f56017cfe140e4ae.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

c2db56fb6ce25ba8c981e4092b7acc10e13090a954fbc7f8076e42a635af240e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 8
content-length: 243
x-xss-protection: 0

GET
H2 200 application-3abd96cd3f04f46614673a7ddae6428654a3a61ebf9a367cf806bddda93e3dc4.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 354 B
2 KB 300ms
285ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/application-3abd96cd3f04f46614673a7ddae6428654a3a61ebf9a367cf806bddda93e3dc4.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

6e403d7b024d96a393127402f2dafa234d3c212a49e8422d0447b30af26b306d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 3
content-length: 216
x-xss-protection: 0

GET
H2 200 application_controller-23c8a466c021a3fa328a3c2aaf8052aa5717fcc852ee6a5836bd6a69a571fc07.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 1 KB
2 KB 303ms
290ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/application_controller-23c8a466c021a3fa328a3c2aaf8052aa5717fcc852ee6a5836bd6a69a571fc07.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

a2b7050f4b14ec2ba8f35c8deb671b9b737eb0ee635e4f2653ac4fc1808ce0d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 14
content-length: 469
x-xss-protection: 0

GET
H2 200 arrival_controller-6a4c29df3ac46e1cd075edcef17c1814b1b954c1e22d2b8f8a3f4b84ba61087f.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 1 KB
2 KB 294ms
281ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/arrival_controller-6a4c29df3ac46e1cd075edcef17c1814b1b954c1e22d2b8f8a3f4b84ba61087f.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

1d19c8bbb2d48096197861013014c9daa07e28e2d5ff79124c10d676f07b5a04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 13
content-length: 581
x-xss-protection: 0

GET
H2 200 auth_controller-d2d8aed485bbb5e036ef67e71d6b25e68639d3d5e6135a351bfa42f1691d842a.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 6 KB
3 KB 298ms
286ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/auth_controller-d2d8aed485bbb5e036ef67e71d6b25e68639d3d5e6135a351bfa42f1691d842a.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

abbe1b20d4feee118c13238a3faab0b117fe9290d44102fbd5ac200bb0dc7923

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 3
content-length: 1718
x-xss-protection: 0

GET
H2 200 character_counter_controller-548257fcfad81465fd0c82eb8a5fc517c42b5a171c700d145dfa5145c9fb0330.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 802 B
2 KB 303ms
292ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/character_counter_controller-548257fcfad81465fd0c82eb8a5fc517c42b5a171c700d145dfa5145c9fb0330.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

a439a98043d896517cd3fcfcb3e4555f1b648d6e48a155e8f4c92f81816c5f39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 4
content-length: 422
x-xss-protection: 0

GET
H2 200 hide_reveal_controller-18d9270dc8e8fa87ef382c0724c5facbd135b90ede88af0e72059c2cf264e6ba.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 428 B
2 KB 273ms
262ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/hide_reveal_controller-18d9270dc8e8fa87ef382c0724c5facbd135b90ede88af0e72059c2cf264e6ba.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

ac0e3edac28eb8ac561e48ca7617e2044d7bb5578ca6ec76dff9727db962764c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 4
content-length: 212
x-xss-protection: 0

GET
H2 200 index-2db729dddcc5b979110e98de4b6720f83f91a123172e87281d5a58410fc43806.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 585 B
2 KB 237ms
226ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/index-2db729dddcc5b979110e98de4b6720f83f91a123172e87281d5a58410fc43806.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

248457f421c2ac75ba304921a4b9352d7cce55edfd33304c3d2de8f4b959352c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 5
content-length: 254
x-xss-protection: 0

GET
H2 200 input_format_controller-fed4f39ab0491a7ef8b6adefdaf4c495560cbb205c63fcd01f48ed7e1937b512.js Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 1 KB
2 KB 243ms
233ms Script
text/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/input_format_controller-fed4f39ab0491a7ef8b6adefdaf4c495560cbb205c63fcd01f48ed7e1937b512.js

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

e2e41f24ec62c5e1066d708f4908a865160d85548cba538d8201594f4e77eebe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
vary: accept-encoding, Origin
x-envoy-upstream-service-time: 5
content-length: 580
x-xss-protection: 0

GET
H/1.1

200
OK

4b9sskzh820u3d6xh2tvqdlqgvsz
nr-rails-staging.s3.us-west-1.amazonaws.com/
Redirect Chain

https://americanfidelity.staging.boldin.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsiZGF0YSI6OTYzLCJwdXIiOiJibG9iX2lkIn19--ff0975a2a55b321c954b3e3cad75ca6f5bd5f180/americanfidelity-logo.svg
https://nr-rails-staging.s3.us-west-1.amazonaws.com/4b9sskzh820u3d6xh2tvqdlqgvsz

21 KB
22 KB

377ms
129ms

Image
image/svg+xml

52.219.192.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-rails-staging.s3.us-west-1.amazonaws.com/4b9sskzh820u3d6xh2tvqdlqgvsz
Requested by: Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in
Protocol: HTTP/1.1
Server: 52.219.192.2 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 304dff7e4e5a22e1bb983d786ab62b19745670b83bf7895a783e2b37dd654ad1

Request headers

Referer: https://americanfidelity.staging.boldin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 29 Aug 2024 15:21:50 GMT
Last-Modified: Thu, 08 Aug 2024 18:19:54 GMT
Server: AmazonS3
x-amz-request-id: FZ428KZMYBGPRPV0
ETag: "16bc20ab9ad73be28fdba50d7fa0e8f2"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Content-Disposition: attachment; filename="americanfidelity-logo.svg"; filename*=UTF-8''americanfidelity-logo.svg
Accept-Ranges: bytes
Content-Length: 21710
x-amz-id-2: knSvW4VWlr5nFChS2gGZj+lQximIGYTrs3r8HOusL30CIItL84ker8hZflFxfd7eOV+PMltdXY4=

Redirect headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 22
content-length: 0
x-xss-protection: 0, 0
x-request-id: fbe95461-19b1-41ec-bf6e-d46fdb887360
x-runtime: 0.015936
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
location: https://nr-rails-staging.s3.us-west-1.amazonaws.com/4b9sskzh820u3d6xh2tvqdlqgvsz
cache-control: max-age=300, private

GET
H2 200 dash-c6b16eea289f120b6b701611f9f4fdde224562aa008ca3b45e517f23480b1162.svg
americanfidelity.staging.boldin.com/rails/assets/ 164 B
1 KB 287ms
278ms Image
image/svg+xml 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/dash-c6b16eea289f120b6b701611f9f4fdde224562aa008ca3b45e517f23480b1162.svg

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

047f4e07c49bc545764cdc51d10059519f46219228cff3a195dcce9057f18727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
vary: Origin
content-type: image/svg+xml
x-envoy-upstream-service-time: 4
content-length: 164
x-xss-protection: 0

GET
H2 200 google-c822e9eb8881f8a46cb13664d451e295afa9e2960dba2b8384d25da7d0dac976.svg
americanfidelity.staging.boldin.com/rails/assets/ 987 B
2 KB 113ms
96ms Image
image/svg+xml 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/google-c822e9eb8881f8a46cb13664d451e295afa9e2960dba2b8384d25da7d0dac976.svg

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

49e9a232dc29b16e224cda6e8b38c0cbdcfcb3b01d1197c57f70b28a5af52731

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
vary: Origin
content-type: image/svg+xml
x-envoy-upstream-service-time: 3
content-length: 987
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
70 KB 547ms
177ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K47GFPB&gtm_auth=4LqtAwkuyJREl62CFBNPUA&gtm_preview=env-8&gtm_cookies_win=x

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1638ab55b70264be23e9247f79faed0c83a4dbfeb9ada6df3a27bdedf87ea28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71387
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 15:21:49 GMT

GET
H2 200 character_counter_controller Show response
americanfidelity.staging.boldin.com/rails/assets/controllers/ 802 B
2 KB 103ms
102ms Script
application/javascript 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/controllers/character_counter_controller

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/auth/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

a439a98043d896517cd3fcfcb3e4555f1b648d6e48a155e8f4c92f81816c5f39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/rails/assets/controllers/application-3abd96cd3f04f46614673a7ddae6428654a3a61ebf9a367cf806bddda93e3dc4.js
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-envoy-upstream-service-time: 12
content-length: 802
x-xss-protection: 0
x-request-id: 83b15d57-41a6-4749-93e8-9b1b6021f497
x-runtime: 0.008727
server: istio-envoy
etag: "548257fcfad81465fd0c82eb8a5fc517c42b5a171c700d145dfa5145c9fb0330"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, must-revalidate
vary: Accept-Encoding, Origin

GET
H2 200 ESKlarheitGrotesk-Md.woff2
americanfidelity.staging.boldin.com/rails-assets/fonts/ 52 KB
53 KB 113ms
110ms Font
font/woff2 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails-assets/fonts/ESKlarheitGrotesk-Md.woff2

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

84043ca86adf8041d3eee45c2107ba19a7cae379d9abc628d792a4ae8c10e59c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 29 Aug 2024 07:27:54 GMT
server: istio-envoy
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers
vary: Origin
x-envoy-upstream-service-time: 6
content-length: 53184
x-xss-protection: 0

GET
H2 200 ESKlarheitGrotesk-Rg.woff2
americanfidelity.staging.boldin.com/rails-assets/fonts/ 52 KB
53 KB 96ms
94ms Font
font/woff2 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails-assets/fonts/ESKlarheitGrotesk-Rg.woff2

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

17360384fd4a0c40b6baa51fbb2f74478df077b3b02d7fdfe8ec85820e8513cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 29 Aug 2024 07:27:54 GMT
server: istio-envoy
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers
vary: Origin
x-envoy-upstream-service-time: 6
content-length: 53184
x-xss-protection: 0

GET
H2 200 ESKlarheitGrotesk-Smbd.woff2
americanfidelity.staging.boldin.com/rails-assets/fonts/ 52 KB
53 KB 100ms
99ms Font
font/woff2 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails-assets/fonts/ESKlarheitGrotesk-Smbd.woff2

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

2c1c9a62b72f412846bb6aea3cd3db1bc886a01f1a8b573dba328f42d267e49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/rails/assets/tailwind-c7e605ea65d3dd3b8f4ad955b1ed986781b82444e83fee3dafc4ed4f23f24d3e.css
Origin: https://americanfidelity.staging.boldin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 29 Aug 2024 07:27:54 GMT
server: istio-envoy
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers
vary: Origin
x-envoy-upstream-service-time: 6
content-length: 52876
x-xss-protection: 0

POST
H2 200 arrival Show response
americanfidelity.staging.boldin.com/rails/ 21 B
2 KB 240ms
213ms Fetch
application/json 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/arrival

Requested by

Host: americanfidelity.staging.boldin.com
URL: https://americanfidelity.staging.boldin.com/rails/assets/helpers/postArrival-d66785428011f2d3f201f7b689963514bdde348f442fc4f141225394df1cfb9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

c6a36384713d13b80e34cee7843b479c1a0cb4e3b6591e90b0485696cdb97763

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Aug 2024 15:21:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 112
content-length: 21
x-xss-protection: 0, 0
x-request-id: 0a19a9e1-5c41-4269-8fc2-da0c9dacdaec
x-runtime: 0.107943
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
etag: W/"c6a36384713d13b80e34cee7843b479c"
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
vary: Accept, Origin
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
101 KB 199ms
197ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PZ2R5X4CSQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K47GFPB&gtm_auth=4LqtAwkuyJREl62CFBNPUA&gtm_preview=env-8&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fb5a17f003db305c40cbc1e605fdc6a13e487de70c6788427e8d42fa7f44d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Aug 2024 15:21:50 GMT

GET
H2 200 vldvdr Show response
consent.trustarc.com/v2/notice/ 145 B
464 B 582ms
235ms Script
text/javascript 18.164.124.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/v2/notice/vldvdr

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K47GFPB&gtm_auth=4LqtAwkuyJREl62CFBNPUA&gtm_preview=env-8&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-57.jfk50.r.cloudfront.net

Software

Resource Hash

c673dca2f99be7f610373d1bae2c24f699b7d41eca2c645bf649210f76b48071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://americanfidelity.staging.boldin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:50 GMT
via: 1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK50-P7
vary: Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=iso-8859-1
cache-control: max-age=3600
content-length: 145
x-amz-cf-id: v5JxySI7UldSFbfrLHSX8VByQ3Xnc8H2Th8R1A34idKr1nKF73pO5w==

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 492ms
125ms Fetch
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PZ2R5X4CSQ&gtm=45je48r0v9102401786z8898829220za200zb898829220&_p=1724944909276&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=785207557.1724944911&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724944910&sct=1&seg=0&dl=https%3A%2F%2Famericanfidelity.staging.boldin.com%2Fauth%2Fsign-in&dt=Sign%20In%20%7C%20Boldin&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2649
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PZ2R5X4CSQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://americanfidelity.staging.boldin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 15:21:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://americanfidelity.staging.boldin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon-bcac037c1089aec217b4674e66d220078412bdb8a877b7fd60a39c327a537a6a.ico
americanfidelity.staging.boldin.com/rails/assets/ 15 KB
16 KB 172ms
94ms Other
image/vnd.microsoft.icon 52.8.58.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://americanfidelity.staging.boldin.com/rails/assets/favicon-bcac037c1089aec217b4674e66d220078412bdb8a877b7fd60a39c327a537a6a.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.8.58.237 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-58-237.us-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

d67e896997a9a765d88c795b8b6d45cc951870a8fce00f42a1cad885bc735c6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	0

Request headers

Referer: https://americanfidelity.staging.boldin.com/auth/sign-in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 15:21:50 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.newretirement.com *.googletagmanager.com *.google.com *.google-analytics.com *.partner-newretirement.com *.googleapis.com *.gstatic.com *.doubleclick.net *.googleoptimize.com *.googleadservices.com *.googlesyndication.com *.apple.com *.outbrain.com *.bing.com *.shortpixel.ai *.taboola.com *.facebook.com *.facebook.net *.trustarc.com *.pinterest.com *.pinimg.com *.oribi.io *.dowjoneson.com *.demdex.net *.hotjar.com *.yahoo.com *.woopra.com sentry.io *.sentry.io *.jsdelivr.net *.intercom.io *.intercomcdn.com *.jspm.io *.tiqcdn.com *.liadm.com *.lidstatic.com *.useberry.com *.amplitude.com *.truste.com *.vimeo.com *.yoast.com yoast.com *.hotjar.io *.leadid.com *.plaid.com tsdtocl.com *.scorecardresearch.com *.cxense.com *.cloudflare.com *.imrworldwide.com *.parsely.com *.cloudfront.net *.wsj.net *.licdn.com *.redditstatic.com *.polyfill.io *.sentry-cdn.com *.youtube.com chargedesk.com *.simplecast.com simplecast.com *.thrivecart.com *.clnmde.com *.intercom-sheets.com *.pagespeed-mod.com *.ads-twitter.com *.media.net *.criteo.com *.trendmicro.com *.killadsapi.com *.akamaihd.net *.piano.io *.tinypass.com *.impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://*.hotjar.com wss://*.intercom.io data: ; font-src * data:; img-src * data:; media-src data:;
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 29 Aug 2024 07:30:09 GMT
server: istio-envoy
vary: Origin
content-type: image/vnd.microsoft.icon
x-envoy-upstream-service-time: 3
content-length: 15406
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 156ms
153ms Fetch
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PZ2R5X4CSQ&gtm=45je48r0v9102401786za200zb898829220&_p=1724944909276&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=785207557.1724944911&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724944910&sct=1&seg=0&dl=https%3A%2F%2Famericanfidelity.staging.boldin.com%2Fauth%2Fsign-in&dt=Sign%20In%20%7C%20Boldin&en=scroll&epn.percent_scrolled=90&_et=9&tfd=7680
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PZ2R5X4CSQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://americanfidelity.staging.boldin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 15:21:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://americanfidelity.staging.boldin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
americanfidelity.staging.boldin.com/	1970-01-20 23:09:08	Name: _nr_session Value: 093dc8d29cf5b0db60365e8e31c7cbec
americanfidelity.staging.boldin.com/	1970-01-21 08:45:04	Name: UOG Value: b02ebb8b-0209-4a34-b1a4-cb3fa59b3b52
americanfidelity.staging.boldin.com/	1970-01-20 23:10:31	Name: SOG Value: c2f8fd25-cc60-4f02-9297-fb9a77e06262
.boldin.com/	1970-01-21 08:45:04	Name: _ga Value: GA1.1.785207557.1724944911
.boldin.com/	1970-01-21 08:45:04	Name: _ga_PZ2R5X4CSQ Value: GS1.1.1724944910.1.0.1724944910.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .newretirement.com .googletagmanager.com .google.com .google-analytics.com .partner-newretirement.com .googleapis.com .gstatic.com .doubleclick.net .googleoptimize.com .googleadservices.com .googlesyndication.com .apple.com .outbrain.com .bing.com .shortpixel.ai .taboola.com .facebook.com .facebook.net .trustarc.com .pinterest.com .pinimg.com .oribi.io .dowjoneson.com .demdex.net .hotjar.com .yahoo.com .woopra.com sentry.io .sentry.io .jsdelivr.net .intercom.io .intercomcdn.com .jspm.io .tiqcdn.com .liadm.com .lidstatic.com .useberry.com .amplitude.com .truste.com .vimeo.com .yoast.com yoast.com .hotjar.io .leadid.com .plaid.com tsdtocl.com .scorecardresearch.com .cxense.com .cloudflare.com .imrworldwide.com .parsely.com .cloudfront.net .wsj.net .licdn.com .redditstatic.com .polyfill.io .sentry-cdn.com .youtube.com chargedesk.com .simplecast.com simplecast.com .thrivecart.com .clnmde.com .intercom-sheets.com .pagespeed-mod.com .ads-twitter.com .media.net .criteo.com .trendmicro.com .killadsapi.com .akamaihd.net .piano.io .tinypass.com .impactcdn.com newretirement.pxf.io www.ojrq.net logs-01.loggly.com wss://.hotjar.com wss://.intercom.io data: ; font-src data:; img-src * data:; media-src data:;
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

americanfidelity.staging.boldin.com
cdn.amplitude.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent.trustarc.com
ga.jspm.io
js.sentry-cdn.com
nr-rails-staging.s3.us-west-1.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
108.139.29.40
18.164.124.57
205.234.175.175
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81e::200e
2a04:4e42:200::729
2a04:4e42::485
52.219.192.2
52.8.58.237
008236a5353ce6236a1bbef2b824621c26ea99293c10f0c8bf1a724f7923bf82
047f4e07c49bc545764cdc51d10059519f46219228cff3a195dcce9057f18727
06074fed64471722266b6a3c44270b0bb01a9f5879df42c722adaee6ae6f5ed7
0a04a8582f70e7036623568df1d20c2bee833de95412dbc3afe05cda6ff4371f
0da6fc0dcf55a01da3a85ee1ab62193d7568c5249f08c0e5ae9237168589c29b
1638ab55b70264be23e9247f79faed0c83a4dbfeb9ada6df3a27bdedf87ea28f
17360384fd4a0c40b6baa51fbb2f74478df077b3b02d7fdfe8ec85820e8513cf
1d19c8bbb2d48096197861013014c9daa07e28e2d5ff79124c10d676f07b5a04
1dd0c799ec0650df9c4a9717cb0f3014f5ae42a63000eb37314c60626b363e7b
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
248457f421c2ac75ba304921a4b9352d7cce55edfd33304c3d2de8f4b959352c
29904d324ef1a7cef6d861e20e2d4024e136854da0c073aa7496e8c137bb8f17
2c1c9a62b72f412846bb6aea3cd3db1bc886a01f1a8b573dba328f42d267e49f
304dff7e4e5a22e1bb983d786ab62b19745670b83bf7895a783e2b37dd654ad1
31a7ba03d608c3ca6fbcc14839f16c76c51d3418c42ab6b19173f7baa8dbd04b
3f69625f4a0a56519359255f0e009994923b81c7b6918a684e8bab52e52c2bea
477860d4f81f40ac564a0ae2fd2a4b1aeb36f6f16c93eee848ccfad33586e2cc
49e9a232dc29b16e224cda6e8b38c0cbdcfcb3b01d1197c57f70b28a5af52731
4f4804d00bb838f958c0f5640031d69611b04391f8edcd31cac528b7ffc50af2
518b9f87454145a7f129b43a77a1704db10bd2bd91eaa270b6ba0a68623c2958
566e1f9a2522f4b84afd9ffe817ac56e225d2b4e39de53d04784de8a52270bd2
608cad874435e8c30b65d8d39e78bcfe1d1a5a8eb72f342254d695049f77d5fb
6222e85cd1caf0a49369fc3402954c21e5dc4955014991ac2bf72bce3d4c17c6
6c71f976810d6657e5f2a5ce272e7250b8b7bb1ef27c513589578b88fd7b1de9
6e403d7b024d96a393127402f2dafa234d3c212a49e8422d0447b30af26b306d
779e9255f88db83c8d8b2831f8f97361b736c0b43fa1b051d531472b30ac9a0a
84043ca86adf8041d3eee45c2107ba19a7cae379d9abc628d792a4ae8c10e59c
8588411229a774e04d2202faf179cacd3dfc32adbf18dad2cd1643a91c4166f5
9fb5a17f003db305c40cbc1e605fdc6a13e487de70c6788427e8d42fa7f44d01
a2b7050f4b14ec2ba8f35c8deb671b9b737eb0ee635e4f2653ac4fc1808ce0d4
a439a98043d896517cd3fcfcb3e4555f1b648d6e48a155e8f4c92f81816c5f39
abbe1b20d4feee118c13238a3faab0b117fe9290d44102fbd5ac200bb0dc7923
ac0e3edac28eb8ac561e48ca7617e2044d7bb5578ca6ec76dff9727db962764c
b04781e71d45ca3584d8c2507a33eb81846f31c8a1eeadc7f896ae5cd4fb587f
b111b5e1c0d1ed414c17eb10981fad5af986ca6e8880c0296bcc289cdd508913
c2db56fb6ce25ba8c981e4092b7acc10e13090a954fbc7f8076e42a635af240e
c4db3c014d654436fbb97312e46fe5e89cd0bf76431662873deae7e204929567
c673dca2f99be7f610373d1bae2c24f699b7d41eca2c645bf649210f76b48071
c6a36384713d13b80e34cee7843b479c1a0cb4e3b6591e90b0485696cdb97763
ca375b755153082eaea7b71f18be96e60b898a9ed70977b8ac17162645ef7f18
cbcc4135bd575999d4fd2e525277572cf4e120e2e692fb18892f47fbf28e12d5
cc6095524f5b4a4e67d4855ff52baf36f95c4b9a77cad4e4d3c5ae00763dcf0b
d67e896997a9a765d88c795b8b6d45cc951870a8fce00f42a1cad885bc735c6d
d80f0feea68692981b568bbfef0ed4370b56927ae5c663421e8461a466f0618f
e1597fbd6741a816eec2999a6faf8bbe8905621f3760c5658c5c3d9dc51973ba
e2e41f24ec62c5e1066d708f4908a865160d85548cba538d8201594f4e77eebe

americanfidelity.staging.boldin.com Open in urlscan Pro 52.8.58.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

40 %IPv6

10 Domains

10 Subdomains

10 IPs

2 Countries

1198 kBTransfer

3403 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

americanfidelity.staging.boldin.com Open in urlscan Pro
52.8.58.237 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

40 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

1198 kB
Transfer

3403 kB
Size

5
Cookies

49 HTTP transactions
0 data transactions