www.westernsouthern.com Open in urlscan Pro
45.60.156.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/44vUOIJ
Effective URL:
https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_c...
Submission: On March 26 via manual (March 26th 2024, 8:47:39 am UTC) from IN — Scanned from DE

Summary HTTP 56 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 56 HTTP transactions. The main IP is 45.60.156.176, located in United States and belongs to INCAPSULA, US. The main domain is www.westernsouthern.com. The Cisco Umbrella rank of the primary domain is 441667.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on February 28th 2024. Valid for: 6 months.

This is the only time www.westernsouthern.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
37	45.60.156.176 45.60.156.176	19551 (INCAPSULA) (INCAPSULA)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	13.107.246.67 13.107.246.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	63.34.228.124 63.34.228.124	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	18.190.43.29 18.190.43.29	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	52.179.73.44 52.179.73.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
56	14

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 45.60.156.176 (United States)

ASN19551 (INCAPSULA, US)

www.westernsouthern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.228.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-228-124.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.190.43.29 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-43-29.us-east-2.compute.amazonaws.com

collector-30931.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.179.73.44 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-8.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	westernsouthern.com www.westernsouthern.com — Cisco Umbrella Rank: 441667	2 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	297 KB
3	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 2176 eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 8931	66 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2156	305 B
2	tvsquared.com collector-30931.us.tvsquared.com	9 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1305 script.hotjar.com — Cisco Umbrella Rank: 1679	60 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4335	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203	260 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	273 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8180	161 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5992	541 B
56	12

	Domain	Requested by
37	www.westernsouthern.com	www.westernsouthern.com
3	www.google-analytics.com	www.googletagmanager.com js.monitor.azure.com
3	www.googletagmanager.com	www.westernsouthern.com www.googletagmanager.com
2	eastus-8.in.applicationinsights.azure.com	js.monitor.azure.com
2	region1.analytics.google.com	www.googletagmanager.com
2	collector-30931.us.tvsquared.com	www.westernsouthern.com
1	www.google.de	www.westernsouthern.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.facebook.com	www.westernsouthern.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	js.monitor.azure.com	www.westernsouthern.com
1	static.hotjar.com	www.westernsouthern.com
1	bit.ly	1 redirects
56	14

This site contains links to these domains. Also see Links.

Domain
myaccount.westernsouthern.com
wsbrokerage.netxinvestor.com
meetfabric.com
www.gerberlife.com
policies.google.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-02-28` - `2024-08-26`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2024-03-18` - `2025-03-13`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07	`2024-02-02` - `2025-01-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Frame ID: 8983C3C8756D8CE25B339492F966DA52
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Your Whole Life Insurance Quote

Page URL History Show full URLs

https://bit.ly/44vUOIJ HTTP 301
https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

14
Subdomains

14
IPs

4
Countries

2030 kB
Transfer

5197 kB
Size

19
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.westernsouthern.com/?bu=wsl
Title: My Account Login

Search URL Search Domain Scan URL

URL: https://myaccount.westernsouthern.com/?bu=wsl&action=register
Title: Register Your Account

Search URL Search Domain Scan URL

URL: https://wsbrokerage.netxinvestor.com/nxi/login
Title: Pershing NetXInvestor Login

Search URL Search Domain Scan URL

URL: https://meetfabric.com/

Search URL Search Domain Scan URL

URL: https://www.gerberlife.com/

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WesternSouthernFinancialGroup/

Search URL Search Domain Scan URL

URL: https://twitter.com/westernsouthern

Search URL Search Domain Scan URL

URL: https://www.instagram.com/westernandsouthern/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-western-and-southern-life-insurance-company

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wsfg/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@westernsouthernlife

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/44vUOIJ HTTP 301
https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request whole-life-insurance Show response
www.westernsouthern.com/wslife/products/life-insurance/
Redirect Chain

https://bit.ly/44vUOIJ
https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQi...

381 KB
79 KB

1103ms
718ms

Document
text/html

45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5607ade97fb77d0666584da5bcfa20d3d4f4c22184813c2d006a6cedc210e6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: origin
access-control-allow-methods: GET
cache-control: public, s-maxage=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 08:47:33 GMT
item-path: /sitecore/content/WesternSouthern/Home/Products/Life Insurance/Whole Life Insurance
last-fetch-timestamp: 03/26/2024 08:47:33.143
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
strict-transport-security: max-age=31536000; includeSubDomains; preload
template-path: /sitecore/templates/Project/WesternSouthern/Page Type/Multi Instance Templates/Product Subcategory Page
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-iinfo: 5-11876605-11876627 NNNN CT(87 183 0) RT(1711442851341 179) q(0 0 2 0) r(3 7) U18
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 464
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 08:47:32 GMT
location: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 VisitorIdentification.js Show response
www.westernsouthern.com/layouts/system/ 1 KB
785 B 15ms
15ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/layouts/system/VisitorIdentification.js

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0675bcbfa46c1428f1646329585fecbcecce84733eef11f618d471a0f77a16ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 539897, 31680, 11291
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 904) q(0 -1 -1 -1) r(0 -1)
content-length: 568
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:33:14 GMT
etag: "0e9d6866c75da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 hotjar-2703833.js Show response
static.hotjar.com/c/ 14 KB
5 KB 60ms
37ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2703833.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

7c7ebd10112d797ecfb4e0ddc42882c69724c8c4863b890dfef49062cb597fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 08:47:33 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/f52e3409c6fcf3664daa6259c045f976
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: g-u3CWwubrtV36fEcjyiYOKDstjX0W81R9tH_pjuEPvC9oq25FHfug==

GET
H2 200 ai.3.gbl.min.js Show response
js.monitor.azure.com/scripts/b/ 139 KB
66 KB 835ms
177ms Script
text/javascript 13.107.246.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js
Requested by: Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 594a8f63a9d4f658f3f759ce9eac4e5e82e70ec45a8ff21349079c121b71e713

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:28:55 GMT
x-ms-meta-aijssdkver: 3.1.1
vary: Accept-Encoding
x-azure-ref: 20240326T084733Z-78uwx6a8ap3qh7prtq306143g800000009r0000000010669
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 21fd2091-f01e-00c9-65ed-7a6fdc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.3.1.1.gbl.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 modules.0ce9b654b0ac7fef3cf0.js Show response
script.hotjar.com/ 220 KB
55 KB 33ms
7ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2703833.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 408747
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55498
last-modified: Thu, 21 Mar 2024 15:14:32 GMT
etag: "115ac93274d69bd2c455fda9dea090c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SkBK87apkbdcL1u27R4LFXC8laR4yNfP-PZoPP3jt6LKSwCBquEl1Q==

GET
H2 200 vendors.min.css
www.westernsouthern.com/css/ 219 KB
47 KB 16ms
15ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/vendors.min.css?v=932c356ce738018ea6c16d6a57a96511

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

575713abfecfef5a1ec718eba015252750d79be81d2db109b79570946ccd03ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 895158, 2048, 105746
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1001) q(0 -1 -1 -1) r(0 -1)
content-length: 47696
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:36:58 GMT
etag: "0995ac6d75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 common.bundle.min.css
www.westernsouthern.com/css/ 580 KB
103 KB 28ms
27ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/common.bundle.min.css?v=9318c05db66bf5fb766028c8cf971247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d14b010063d754d348533eb599913711340a075c3e660b084a9bac10e2f9f78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 895158, 2048, 105746
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1016) q(0 -1 -1 -1) r(0 -1)
content-length: 105208
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:37:06 GMT
etag: "04d1f116d75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 wslife.bundle.min.css
www.westernsouthern.com/css/ 19 KB
5 KB 40ms
39ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/wslife.bundle.min.css?v=8c1fa8d90a2978124933784bc3849e7d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

441eabbcd6d06eff249b71a13939a2931731d0267e5dcd0f7bd64fdf61b51277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 895158, 3045, 104731
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1023) q(0 -1 -1 -1) r(0 -1)
content-length: 4639
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:37:06 GMT
etag: "04d1f116d75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 GetButtonThemesCss
www.westernsouthern.com/api/sitecore/LayoutApi/ 3 KB
943 B 164ms
163ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/api/sitecore/LayoutApi/GetButtonThemesCss?revision={4FD6810F-6546-46EF-AB18-D226E7A7A89E}

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ab8b6f29bf8b912b24ac97188577ec665ed7ca6e98feb7a712cda5bd378631ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 5-11876605-11876763 NNNY CT(85 189 0) RT(1711442851341 1030) q(0 0 0 -1) r(0 1) U18
content-length: 594
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
access-control-allow-headers: origin

GET
H2 200 vendors-fontawesome.min.css
www.westernsouthern.com/css/ 80 KB
20 KB 44ms
43ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/vendors-fontawesome.min.css?v=bcb2ff18caf0b3e7d0434352e90f7b80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

66cf8d752ae65017a985bb83841301977705c80eb4b3b44535c761ad129797ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 895157, 2049, 105746
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1033) q(0 -1 -1 -1) r(0 -1)
content-length: 20793
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:37:02 GMT
etag: "0f3bce6d75da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-variable.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 42 KB
42 KB 10ms
8ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-variable.woff2?rev=158e149fe85c43c3aa5de24d3e4e9fb9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1ebdaa44472e721ae13d0fb770522938baae01493769ebca3a6ae7cddbb3f5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187153
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 998) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-variable.woff2"
content-length: 42832
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jul 2020 20:07:19 GMT
etag: 8007892bc9cb4cfbb7e1b98d40cb2bd5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: v+ercgQIXh5Ek6mjYx78EqSLAmYAAAAAEMPMOTQckIl04k3+96a2SA==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-logo.svg
www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/ 5 KB
2 KB 45ms
45ms Image
image/svg+xml 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/ws-logo.svg?rev=38ef227a9dd34d57afbb2e1803cb2e6f&la=en&hash=A73F98712242BC100E67B0C3E13B81E9FA4AB374

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

98b5923561e6f978bcf8c6b550df6c935ed06237723f1d36d0c1b1ca61690d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1184755
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1037) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="WS Logo.svg"
content-length: 2164
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 12:57:30 GMT
etag: 83dcff15f48b4cf695b7d5eec24cdaf8
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 western-southern-life-logo.png
www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/business-name-logo/ 1 KB
1 KB 48ms
47ms Image
image/png 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/business-name-logo/western-southern-life-logo.png?rev=7a05d9e36fa34d558b0aa183db2248ee&la=en&h=46&w=249&hash=50B73728DEB6A03FBD3A98810693A8E1D22CF547

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b0b470d30a6ce6bcbbc1c58c028fc2ba44b7c34fb6b30aef5e49a28b6664eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1091643, 7270, 88923
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1039) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="western-southern-life-logo.png"
content-length: 1320
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Feb 2019 16:15:23 GMT
etag: 19f49d695a714f75829e1b9df95c0812
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-brands-400.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 1 KB
1 KB 33ms
32ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-brands-400.woff2?rev=b79e69054bab44529b9dda6f33fc5952

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3322bd3fbb77d1ac9e51ef28e3ea572e53be13d27c78e38310070b5d538c719b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187153
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1043) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-brands-400.woff2"
content-length: 1212
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Mar 2021 13:46:57 GMT
etag: b989fba043d64a35b7db51423f4e3d30
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: /6dhS+9g+05Ek6mjYx78EqSLAmYAAAAA7Nf4U8SHORp4GZ+ffuCbFg==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-solid-900.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 3 KB
4 KB 36ms
35ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-solid-900.woff2?rev=7178e305056a41498222b1ade50a00e3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

68cea196e24e56b54a6bf4435d6de70c5fed6357e504e6524f113c8636085fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187154
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1046) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-solid-900.woff2"
content-length: 3368
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Jul 2022 17:55:00 GMT
etag: dde3c08138d04365869ed68bf774dab2
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: VJABReZy3SZEk6mjYx78EqSLAmYAAAAApU/9aF+b4dsCnMm3JssxSw==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-regular-400.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 4 KB
4 KB 38ms
38ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-regular-400.woff2?rev=098a6b52732c47ebade273dd7927c0db

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88a734d48331c2e70db108c58d42a2c8164a6cbce49544c93624cdf85edc2eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187154
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1049) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-regular-400.woff2"
content-length: 3688
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Apr 2021 17:37:59 GMT
etag: 3122cdfd562145caabf9ff638dc8a8e5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: /mSebATbkExEk6mjYx78EqSLAmYAAAAAmOoRoOyIQ/QBAJLN38dODw==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 fa-brands-400.woff2
www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/ 73 KB
73 KB 21ms
20ms Font
font/woff2 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/fa-brands-400.woff2?v=8cce9d0aa5cffeee10f5aafcdf6723be

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187153
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1147) q(0 -1 -1 -1) r(0 -1)
content-length: 74652
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: 0WdnYJTnfAtEk6mjYx78EqSLAmYAAAAAOBNJfwqv1RI4CWD1dJ0KjQ==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 instagram-social-icon.svg
www.westernsouthern.com/-/media/foundation/westernsouthern/linkmenuitem/ 2 KB
1019 B 21ms
20ms Image
image/svg+xml 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/foundation/westernsouthern/linkmenuitem/instagram-social-icon.svg?rev=cebfcc8324d54b329428f7c0f42e41e3&la=en&h=37&w=37&hash=F5DF3B23465C2C688312A1534E6427C53CD98A10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3ee1d8529a78f0f109465eae8e7c518a09579b9af5de1d3b44756a5486dcd63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1118909
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1157) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="instagram-social-icon.svg"
content-length: 791
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jul 2019 18:13:33 GMT
etag: cfa204c067194a5693c480d1b7e4d47c
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 jquery.min.js Show response
www.westernsouthern.com/vendors/jquery/ 103 KB
42 KB 33ms
32ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/jquery/jquery.min.js?v=0ca370e63fd5e30321d97a4d0a391b72

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

62e310886359dddf8bdfc29af3cc50c6ef49da8e89a7ff98ade68800ce638ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1187154, 713
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1169) q(0 -1 -1 -1) r(0 -1)
content-length: 42744
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 main.min.js Show response
www.westernsouthern.com/scripts/bundles/ 221 KB
90 KB 40ms
40ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19875462e7250bdf6bc69bb1da15fc99d00970ae4f607ce5cf65f934fb13169d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 895158, 12, 108028
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1176) q(0 -1 -1 -1) r(0 -1)
content-length: 91522
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:36:14 GMT
etag: "0bb20f26c75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-light-300.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 9 KB
9 KB 15ms
15ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-light-300.woff2?rev=272139aad5504583b8078a88ae02dffb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3a0a956b1f1e317f467a543578df9bed6d986b2926918fe41358ab518d8c75e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187153
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1184) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-light-300.woff2"
content-length: 9248
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Sep 2021 16:51:06 GMT
etag: e3e96bbef0ee4ad88cf4b23adf94dfa5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: +evCel+k93lEk6mjYx78EqSLAmYAAAAA4U+9r0OoeE+vWwzootQjDA==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 fa-regular-400.woff2
www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/ 149 KB
149 KB 9ms
9ms Font
font/woff2 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/fa-regular-400.woff2?v=d3d31317d040f3dd097bfa4401941d28

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187153
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1206) q(0 -1 -1 -1) r(0 -1)
content-length: 152192
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: 8ODQMAnzEk1Ek6mjYx78EqSLAmYAAAAAykrVDSPiW4c62CjPEaIaBw==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 Index Show response
www.westernsouthern.com/api/sitecore/GetAntiForgeryToken/ 124 B
505 B 136ms
136ms XHR
application/json 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/api/sitecore/GetAntiForgeryToken/Index

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/vendors/jquery/jquery.min.js?v=0ca370e63fd5e30321d97a4d0a391b72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c7890fd8f97a9be8f1d8810811dc98311b053c2521f330849ed5f2b0439284d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 5-11876605-11876763 PNNy RT(1711442851341 1224) q(0 0 0 -1) r(1 1) U19
content-length: 252
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private
access-control-allow-headers: origin

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 204ms
66ms XHR
application/json 63.34.228.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2703833&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.34.228.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-228-124.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d048bd126d7e888cb4d0458bee6b3d8ca6380b481c6844f73f8d8c335452f41b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 08:47:33 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 grandmother-daughter-hiking-dog.jpg
www.westernsouthern.com/-/media/feature/westernsouthern/hero/hero-form/ 111 KB
112 KB 31ms
31ms Image
image/jpeg 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/feature/westernsouthern/hero/hero-form/grandmother-daughter-hiking-dog.jpg?rev=ee4accdb29df4fd5aa3f1f94472c646a&la=en&h=600&w=980&hash=D6887806AE50E7B0C051E9AEE54FA57B4A6844DB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5335a4678d2b817f48ddd678836c7162c17911684b1e0159e0083f57aec68b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 557890, 629699
x-iinfo: 5-11876605-11873114 2CNN RT(1711442851341 1417) q(0 0 0 -1) r(0 0) U18
content-disposition: inline; filename="grandmother-daughter-hiking-dog.jpg"
content-length: 113672
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Jun 2021 18:36:35 GMT
etag: 5006970f298344de82bf075d2ef56819
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 2154.min.js Show response
www.westernsouthern.com/scripts/bundles/ 71 KB
29 KB 13ms
13ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/2154.min.js?v=f6237e1b6198574fe798

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4948a5b72b5d9a800f238dd46da241a96b0bdf787c1d5349aa788f186a0940e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1171601, 7325, 8963
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1448) q(0 -1 -1 -1) r(0 -1)
content-length: 29706
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 9779.min.js Show response
www.westernsouthern.com/scripts/bundles/ 29 KB
12 KB 15ms
14ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/9779.min.js?v=b83e65ac6daf464e9bbb

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

27931b1f5bb88d23648755f57eaa6c3351bc303596dce25e395b944617ff0a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1187153, 736
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1451) q(0 -1 -1 -1) r(0 -1)
content-length: 11973
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 validation.min.js Show response
www.westernsouthern.com/scripts/bundles/ 4 KB
2 KB 17ms
17ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/validation.min.js?v=9b97784178bf1def1606

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f75bfcf52eff37055c6ba37438bdd1e48ec69a563d08c73690db48057aa61f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1187153, 712
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1454) q(0 -1 -1 -1) r(0 -1)
content-length: 2167
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 custom-forms.min.js Show response
www.westernsouthern.com/scripts/bundles/ 6 KB
3 KB 20ms
20ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/custom-forms.min.js?v=d12e355855aeb6cc6afd

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

77de4868fc9f329d5504f68d0e76e42039ec7c0b1f128ce54cc7e78651bf84c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1187153, 712
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1458) q(0 -1 -1 -1) r(1 -1)
content-length: 2625
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 2567.min.js Show response
www.westernsouthern.com/scripts/bundles/ 1 MB
472 KB 17ms
13ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/2567.min.js?v=efd6bef0f881bd9ffee6

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6b9c07e7fe635eaf0203e82a46996072f60845a09697a610f015098595ed656c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 654495, 345328, 3085
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1466) q(0 -1 -1 -1) r(0 -1)
content-length: 482683
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:36:14 GMT
etag: "0bb20f26c75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 4315.min.js Show response
www.westernsouthern.com/scripts/bundles/ 57 KB
17 KB 23ms
20ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/4315.min.js?v=3dbe51f70aa2d55365b7

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4a795fdf8a679d56d2075876b1d941c8752842180b60c307c4aba61a90c856dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 654495, 504505, 28254
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1473) q(0 -1 -1 -1) r(0 -1)
content-length: 17484
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 992.min.js Show response
www.westernsouthern.com/scripts/bundles/ 50 KB
16 KB 29ms
26ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/992.min.js?v=b8a72d886ffee9ec8a47

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e65f802cb72972db0594ef1ea282faafd91bb75225e503a43e2fc6cb58f134bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 654495, 504505, 28254
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1477) q(0 -1 -1 -1) r(0 -1)
content-length: 16505
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 8769.min.js Show response
www.westernsouthern.com/scripts/bundles/ 35 KB
12 KB 52ms
50ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/8769.min.js?v=3a7f0ebdada43f18641f

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

631b423fa92d172fbb27bc7616bf02ee19919cd1564294b6f1d5088a271589f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1171611, 15874
x-iinfo: 5-11876605-11873117 2CNN RT(1711442851341 1481) q(0 0 0 -1) r(0 0) U18
content-length: 11985
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 3882.min.js Show response
www.westernsouthern.com/scripts/bundles/ 15 KB
5 KB 54ms
51ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/3882.min.js?v=0f515490b609a0fe0ff0

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c33403e0891dce8352c930c41f1b864677f49c6a97173ac6f5d3ded85d751198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1159001, 28254
x-iinfo: 5-11876605-11875128 2CNN RT(1711442851341 1484) q(0 0 0 -1) r(0 0) U18
content-length: 4766
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 calculator.min.js Show response
www.westernsouthern.com/scripts/bundles/ 9 KB
4 KB 59ms
56ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/calculator.min.js?v=fc8a051da05bf05d25cb

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2360038c726ca608ebfc2afd74b5f4cae0e43d72e0026d2ee8dac5777bed149e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 999824, 2986
x-iinfo: 5-11876605-11865083 2CNN RT(1711442851341 1488) q(0 0 0 -1) r(0 0) U18
content-length: 4200
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:36:14 GMT
etag: "0bb20f26c75da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 wsl-find-a-rep.min.js Show response
www.westernsouthern.com/scripts/bundles/ 7 KB
3 KB 52ms
50ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/wsl-find-a-rep.min.js?v=93ac95a410b48eda1152

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

59ac60ebbebf22a7ae35a12d06dc9ccf40aab3876ec09c4eaff4217f9448252f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1091640, 7325, 88924
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1492) q(0 -1 -1 -1) r(0 -1)
content-length: 3426
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 225.min.js Show response
www.westernsouthern.com/scripts/bundles/ 84 KB
28 KB 53ms
52ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/225.min.js?v=88b93118f9aa49992a23

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cefea31644dda1d7aa66f763bf8add06dd901f9334d452dbcd8de6ed13924983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1171601, 14313, 1800
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1497) q(0 -1 -1 -1) r(0 -1)
content-length: 28403
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 table.min.js Show response
www.westernsouthern.com/scripts/bundles/ 10 KB
4 KB 58ms
57ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/table.min.js?v=c08d020b85f24975a2c8

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

23f5f44de09103e06e463077f356fd40d56475f3a14f2ba7090758bca24cc45c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1171601, 14313, 1800
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1500) q(0 -1 -1 -1) r(0 -1)
content-length: 4197
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 382 KB
107 KB 73ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c2edf95b8619524f4c13c93517e345e02c049249b3242aa3d9869931ef30d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109341
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 08:47:33 GMT

GET
H2 200 fa-light-300.woff2
www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/ 161 KB
161 KB 21ms
21ms Font
font/woff2 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/fa-light-300.woff2?v=50ef43c2ffd372ce035948a55ffcea13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1187153
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 1631) q(0 -1 -1 -1) r(0 -1)
content-length: 164724
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: ACR+T6Y9ZWJEk6mjYx78EqSLAmYAAAAA61TurdXcJTZm7HmBLhg2AQ==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e185899671f028af49837913287ce86507c874d9ff7a81ab60abb10c57dec934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 08:47:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91V5L64MGX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4804402db1806b60a2fca13394efcfa95a2301c5dbc9d329e5ed592097aa7c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 08:47:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 07:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4132
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Mar 2024 09:38:42 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-30931.us.tvsquared.com/ 20 KB
9 KB 438ms
100ms Script
application/javascript 18.190.43.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-30931.us.tvsquared.com/tv2track.js
Requested by: Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.43.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-43-29.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 08:47:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx
ETag: "65d377e7-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 26 Mar 2024 08:57:34 GMT

GET
H2 200 tr
www.facebook.com/ 0
273 B 25ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=125971511470604&ev=PageView&noscript=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Mar 2024 08:47:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 38ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-91V5L64MGX&gtm=45je43p0v893566888z877497308za200&_p=1711442853917&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1453344665.1711442854&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711442854&sct=1&seg=0&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance%3Futm_source%3Dlinkedin%26utm_medium%3DHearsay%26utm_content%3D2295693%26utm_campaign%3D1116567%26hss_meta%3DeyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%253D%253D&dt=Get%20Your%20Whole%20Life%20Insurance%20Quote&en=Web%20Vitals&_fv=1&_nsi=1&_ss=1&ep.business_unit=WSLife&ep.content_group=(other)&ep.content_sub_group=Whole%20Life%20Insurance&ep.effective_connection_type=4g&epn.device_width=1600&epn.device_height=1113&ep.criticalCSS=true&ep.SaveData=false&ep.NavigationType=navigate&epn.Score=1378&ep.Rating=Good&ep.Element=&ep.Metric=FCP&tfd=2175
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 08:47:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 61ms
21ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91V5L64MGX&cid=1453344665.1711442854&gtm=45je43p0v893566888z877497308za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 08:47:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 57ms
32ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-91V5L64MGX&cid=1453344665.1711442854&gtm=45je43p0v893566888z877497308za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=22709181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 08:47:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=909041463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance%3Futm_source%3Dlinkedin%26utm_medium%3Dhearsay%26utm_content%3D2295693%26utm_campaign%3D1116567%26hss_meta%3Deyjvcmdhbml6yxrpb25fawqioiazotesicjncm91cf9pzci6idexmty1njcsicjhc3nldf9pzci6idiyntc4mzisicjncm91cf9jb250zw50x2lkijogmte2otuzmdiwlcaiz3jvdxbfbmv0d29ya19jb250zw50x2lkijogmtgynzyznjk0fq%253d%253d&dp=%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance&ul=en-us&de=UTF-8&dt=Get%20Your%20Whole%20Life%20Insurance%20Quote&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAEABAAAAACgAI~&jid=1450256674&gjid=809878432&cid=1453344665.1711442854&tid=UA-5364019-1&_gid=2030931998.1711442854&_r=1&_slc=1&gtm=45He43p0n81KTQS585v77497308za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1022489326

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 08:47:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-30931.us.tvsquared.com/ 42 B
276 B 102ms
101ms Image
image/gif 18.190.43.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-30931.us.tvsquared.com/tv2track.php?action_name=Get%20Your%20Whole%20Life%20Insurance%20Quote&idsite=TV-6390096381-1&rec=1&r=925312&h=9&m=47&s=34&url=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance%3Futm_source%3Dlinkedin%26utm_medium%3DHearsay%26utm_content%3D2295693%26utm_campaign%3D1116567%26hss_meta%3DeyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%253D%253D&_id=4f8a1d4fe07ac616&_idts=1711442855&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=800x600&gt_ms=895
Requested by: Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.43.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-43-29.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Tue, 26 Mar 2024 08:47:34 GMT
Server: nginx
Connection: keep-alive
Request-Id: a90122d5-5672-4099-9524-7bc0b4d52d17
Content-Length: 42
Content-Type: image/gif

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=909041463&t=timing&_s=2&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance%3Futm_source%3Dlinkedin%26utm_medium%3Dhearsay%26utm_content%3D2295693%26utm_campaign%3D1116567%26hss_meta%3Deyjvcmdhbml6yxrpb25fawqioiazotesicjncm91cf9pzci6idexmty1njcsicjhc3nldf9pzci6idiyntc4mzisicjncm91cf9jb250zw50x2lkijogmte2otuzmdiwlcaiz3jvdxbfbmv0d29ya19jb250zw50x2lkijogmtgynzyznjk0fq%253d%253d&dp=%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance&ul=en-us&de=UTF-8&dt=Get%20Your%20Whole%20Life%20Insurance%20Quote&sd=24-bit&sr=800x600&vp=1600x1113&je=0&plt=2652&pdt=177&dns=1&rrt=129&srt=718&tcp=180&dit=1485&clt=1576&_gst=2103&_gbt=2229&_u=YADAAEABAAAAACgAI~&jid=&gjid=&cid=1453344665.1711442854&tid=UA-5364019-1&_gid=2030931998.1711442854&gtm=45He43p0n81KTQS585v77497308za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1551277442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 02:52:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21275
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
www.westernsouthern.com/-/media/project/westernsouthern/images/wsfg/icons/ 15 KB
5 KB 15ms
14ms Other
image/x-icon 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/images/wsfg/icons/favicon.ico?rev=a57d52f1ef584390b35ba3ef6b37fbef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9985631b47a45ea805426ef49ec2d0cd410bce43fe122dcc8106013321a483e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1018744
x-iinfo: 5-11876605-0 0CNN RT(1711442851341 2366) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="favicon.ico"
content-length: 4846
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 May 2019 02:11:43 GMT
etag: 0229d1bf86054fbfa2a9316ac1a5343e
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-methods: GET
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

POST
H2 200 track Show response
eastus-8.in.applicationinsights.azure.com/v2/ 62 B
166 B 98ms
97ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.44 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Tue, 26 Mar 2024 08:47:34 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
eastus-8.in.applicationinsights.azure.com/v2/ 0
0 606ms
220ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.44 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.westernsouthern.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Tue, 26 Mar 2024 08:47:34 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H2 200 mother-daughter-working.jpg
www.westernsouthern.com/-/media/feature/westernsouthern/content-blocks/lefty-righty/ 15 KB
16 KB 108ms
108ms Image
image/jpeg 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/feature/westernsouthern/content-blocks/lefty-righty/mother-daughter-working.jpg?rev=e3ae9cf4f4a64d55b7ee24ce7c23c6fe&la=en&h=300&mw=440&w=440&hash=12A1BEE6A1BD6BE28203F9D47CAD02945CB9819A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4dfe1374ecc45d02fcaa06e5ad966935b9f1245f433916206d57adfe41c4031c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:47:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1186587
x-iinfo: 5-11876605-11873114 3CNN RT(1711442851341 3338) q(0 0 0 -1) r(1 1) U18
content-disposition: inline; filename="mother-daughter-working.jpg"
content-length: 15706
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Mar 2021 16:58:02 GMT
etag: 29b60240d0ac42c890d972a8d3d692c2
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-91V5L64MGX&gtm=45je43p0v893566888z877497308za200&_p=1711442853917&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1453344665.1711442854&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&sid=1711442854&sct=1&seg=1&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fproducts%2Flife-insurance%2Fwhole-life-insurance%3Futm_source%3Dlinkedin%26utm_medium%3DHearsay%26utm_content%3D2295693%26utm_campaign%3D1116567%26hss_meta%3DeyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%253D%253D&dt=Get%20Your%20Whole%20Life%20Insurance%20Quote&_s=2&tfd=7190
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/products/life-insurance/whole-life-insurance?utm_source=linkedin&utm_medium=Hearsay&utm_content=2295693&utm_campaign=1116567&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDExMTY1NjcsICJhc3NldF9pZCI6IDIyNTc4MzIsICJncm91cF9jb250ZW50X2lkIjogMTE2OTUzMDIwLCAiZ3JvdXBfbmV0d29ya19jb250ZW50X2lkIjogMTgyNzYzNjk0fQ%3D%3D
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 08:47:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 23:43:14	Name: _bit Value: o2q8Lw-f95ba34d750647428c-00o
.www.westernsouthern.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: b761c42bdfdc9a0b5111f8fa615133527d54cdc5e66e95c8427908de51759bef
.www.westernsouthern.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: b761c42bdfdc9a0b5111f8fa615133527d54cdc5e66e95c8427908de51759bef
.westernsouthern.com/	1970-01-21 04:09:04	Name: visid_incap_2261758 Value: pDU02OmiQLGKgFKUNN2ZeaOLAmYAAAAAQUIPAAAAAAAo/TfpzyJ2YcnTvA0v6HB2
.westernsouthern.com/	1969-12-31 23:59:59	Name: nlbi_2261758 Value: bcmsDQQF9l8c3SzMx292mAAAAAAJQUIBP5t7Ui4eRR0oNoXM
.westernsouthern.com/	1969-12-31 23:59:59	Name: incap_ses_1368_2261758 Value: YM13bzVT/SFEk6mjYx78EqSLAmYAAAAAf9tphoQy/kH8LXDXsYK5MQ==
www.westernsouthern.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mefd5qcanu3x32otzykcdzin
www.westernsouthern.com/	1970-01-21 05:00:02	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 56590f72f18a4f3db076fc1eae41e3b4\|False
.westernsouthern.com/	1970-01-21 04:09:38	Name: _hjSessionUser_2703833 Value: eyJpZCI6ImM1MmMzMGI5LTQ1ODQtNTY5MC04N2ZlLTk5ZjUyYTMwNGZkNyIsImNyZWF0ZWQiOjE3MTE0NDI4NTM1NTAsImV4aXN0aW5nIjp0cnVlfQ==
.westernsouthern.com/	1970-01-20 19:24:04	Name: _hjSession_2703833 Value: eyJpZCI6IjJhODViYmUxLTYyNjYtNDgxNC04YjgxLTAzNGNkNjNiNTRmYyIsImMiOjE3MTE0NDI4NTM1NTEsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.westernsouthern.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: AMjyK94CPuGcLPf54lPxHRdNyLbFB8ixEyAVC6-smNTXdexHJaAGruNGU2DvbfYAEClALlTnOLcHhKm80-dQkiKj2wlArcVBfoLDM9KSU9k1
.westernsouthern.com/	1970-01-20 21:33:38	Name: _gcl_au Value: 1.1.314576280.1711442854
www.westernsouthern.com/	1970-01-21 04:09:38	Name: ai_user Value: imnVdLcmh1IvHqKb72vV7T\|2024-03-26T08:47:34.187Z
.westernsouthern.com/	1970-01-21 05:00:02	Name: _ga Value: GA1.2.1453344665.1711442854
.westernsouthern.com/	1970-01-20 19:25:29	Name: _gid Value: GA1.2.2030931998.1711442854
.westernsouthern.com/	1970-01-20 19:24:02	Name: _gat_UA-5364019-1 Value: 1
www.westernsouthern.com/	1970-01-20 19:24:04	Name: ai_session Value: 3s+c/LW6LAyoWXbk75xCmD\|1711442854225\|1711442854225
www.westernsouthern.com/	1970-01-21 05:00:02	Name: _tq_id.TV-6390096381-1.d94f Value: 4f8a1d4fe07ac616.1711442855.0.1711442855..
.westernsouthern.com/	1970-01-21 05:00:02	Name: _ga_91V5L64MGX Value: GS1.1.1711442854.1.1.1711442854.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
collector-30931.us.tvsquared.com
content.hotjar.io
eastus-8.in.applicationinsights.azure.com
js.monitor.azure.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.westernsouthern.com
13.107.246.67
13.32.27.54
18.190.43.29
18.66.97.37
2001:4860:4802:34::36
2a00:1450:4001:801::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a03:2880:f176:181:face:b00c:0:25de
45.60.156.176
52.179.73.44
63.34.228.124
67.199.248.10
0675bcbfa46c1428f1646329585fecbcecce84733eef11f618d471a0f77a16ee
19875462e7250bdf6bc69bb1da15fc99d00970ae4f607ce5cf65f934fb13169d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ebdaa44472e721ae13d0fb770522938baae01493769ebca3a6ae7cddbb3f5c0
2360038c726ca608ebfc2afd74b5f4cae0e43d72e0026d2ee8dac5777bed149e
23f5f44de09103e06e463077f356fd40d56475f3a14f2ba7090758bca24cc45c
27931b1f5bb88d23648755f57eaa6c3351bc303596dce25e395b944617ff0a84
3322bd3fbb77d1ac9e51ef28e3ea572e53be13d27c78e38310070b5d538c719b
3a0a956b1f1e317f467a543578df9bed6d986b2926918fe41358ab518d8c75e0
3ee1d8529a78f0f109465eae8e7c518a09579b9af5de1d3b44756a5486dcd63e
441eabbcd6d06eff249b71a13939a2931731d0267e5dcd0f7bd64fdf61b51277
4804402db1806b60a2fca13394efcfa95a2301c5dbc9d329e5ed592097aa7c57
4948a5b72b5d9a800f238dd46da241a96b0bdf787c1d5349aa788f186a0940e6
4a795fdf8a679d56d2075876b1d941c8752842180b60c307c4aba61a90c856dc
4dfe1374ecc45d02fcaa06e5ad966935b9f1245f433916206d57adfe41c4031c
5335a4678d2b817f48ddd678836c7162c17911684b1e0159e0083f57aec68b35
5607ade97fb77d0666584da5bcfa20d3d4f4c22184813c2d006a6cedc210e6f7
575713abfecfef5a1ec718eba015252750d79be81d2db109b79570946ccd03ea
594a8f63a9d4f658f3f759ce9eac4e5e82e70ec45a8ff21349079c121b71e713
59ac60ebbebf22a7ae35a12d06dc9ccf40aab3876ec09c4eaff4217f9448252f
5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637
62e310886359dddf8bdfc29af3cc50c6ef49da8e89a7ff98ade68800ce638ff1
631b423fa92d172fbb27bc7616bf02ee19919cd1564294b6f1d5088a271589f6
66cf8d752ae65017a985bb83841301977705c80eb4b3b44535c761ad129797ca
68cea196e24e56b54a6bf4435d6de70c5fed6357e504e6524f113c8636085fe5
6b9c07e7fe635eaf0203e82a46996072f60845a09697a610f015098595ed656c
6c2edf95b8619524f4c13c93517e345e02c049249b3242aa3d9869931ef30d0a
77de4868fc9f329d5504f68d0e76e42039ec7c0b1f128ce54cc7e78651bf84c5
7c7ebd10112d797ecfb4e0ddc42882c69724c8c4863b890dfef49062cb597fc4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
88a734d48331c2e70db108c58d42a2c8164a6cbce49544c93624cdf85edc2eee
98b5923561e6f978bcf8c6b550df6c935ed06237723f1d36d0c1b1ca61690d5c
9985631b47a45ea805426ef49ec2d0cd410bce43fe122dcc8106013321a483e8
9b0b470d30a6ce6bcbbc1c58c028fc2ba44b7c34fb6b30aef5e49a28b6664eb8
a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
ab8b6f29bf8b912b24ac97188577ec665ed7ca6e98feb7a712cda5bd378631ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c33403e0891dce8352c930c41f1b864677f49c6a97173ac6f5d3ded85d751198
c7890fd8f97a9be8f1d8810811dc98311b053c2521f330849ed5f2b0439284d1
cefea31644dda1d7aa66f763bf8add06dd901f9334d452dbcd8de6ed13924983
d048bd126d7e888cb4d0458bee6b3d8ca6380b481c6844f73f8d8c335452f41b
d14b010063d754d348533eb599913711340a075c3e660b084a9bac10e2f9f78f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e185899671f028af49837913287ce86507c874d9ff7a81ab60abb10c57dec934
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65f802cb72972db0594ef1ea282faafd91bb75225e503a43e2fc6cb58f134bc
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f75bfcf52eff37055c6ba37438bdd1e48ec69a563d08c73690db48057aa61f95
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2

www.westernsouthern.com Open in urlscan Pro 45.60.156.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

43 %IPv6

12 Domains

14 Subdomains

14 IPs

4 Countries

2030 kBTransfer

5197 kBSize

19 Cookies

13 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.westernsouthern.com Open in urlscan Pro
45.60.156.176 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

14
Subdomains

14
IPs

4
Countries

2030 kB
Transfer

5197 kB
Size

19
Cookies

56 HTTP transactions
1 data transactions