www.westernsouthern.com Open in urlscan Pro
45.60.156.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3DCieRj
Effective URL:
https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDI...
Submission: On March 26 via manual (March 26th 2024, 9:10:39 am UTC) from IN — Scanned from DE

Summary HTTP 42 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 42 HTTP transactions. The main IP is 45.60.156.176, located in United States and belongs to INCAPSULA, US. The main domain is www.westernsouthern.com. The Cisco Umbrella rank of the primary domain is 441667.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on February 28th 2024. Valid for: 6 months.

This is the only time www.westernsouthern.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
24	45.60.156.176 45.60.156.176	19551 (INCAPSULA) (INCAPSULA)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:bdf::63 2620:1ec:bdf::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1	63.34.228.124 63.34.228.124	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	18.223.63.188 18.223.63.188	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
2	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
2	52.188.247.148 52.188.247.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
42	14

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 45.60.156.176 (United States)

ASN19551 (INCAPSULA, US)

www.westernsouthern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.228.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-228-124.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.223.63.188 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-63-188.us-east-2.compute.amazonaws.com

collector-30931.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.188.247.148 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-8.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	westernsouthern.com www.westernsouthern.com — Cisco Umbrella Rank: 441667	694 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	297 KB
3	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 2176 eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 8931	66 KB
2	tvsquared.com collector-30931.us.tvsquared.com	9 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1305 script.hotjar.com — Cisco Umbrella Rank: 1679	60 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4335	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203	251 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2156	260 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8180	161 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5992	461 B
42	11

	Domain	Requested by
24	www.westernsouthern.com	www.westernsouthern.com js.monitor.azure.com
4	www.google-analytics.com	www.googletagmanager.com js.monitor.azure.com
3	www.googletagmanager.com	www.westernsouthern.com www.googletagmanager.com
2	eastus-8.in.applicationinsights.azure.com	js.monitor.azure.com
2	collector-30931.us.tvsquared.com	www.westernsouthern.com
1	www.google.de	www.westernsouthern.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	content.hotjar.io	js.monitor.azure.com
1	script.hotjar.com	static.hotjar.com
1	js.monitor.azure.com	www.westernsouthern.com
1	static.hotjar.com	www.westernsouthern.com
1	bit.ly	1 redirects
42	13

This site contains links to these domains. Also see Links.

Domain
myaccount.westernsouthern.com
wsbrokerage.netxinvestor.com
meetfabric.com
www.gerberlife.com
www.finra.org
www.sipc.org
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.pinterest.com
www.youtube.com
www.google.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-02-28` - `2024-08-26`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2024-03-18` - `2025-03-13`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08	`2024-02-08` - `2025-02-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Frame ID: 40D580473031108FAF4698FFF2F4DCFD
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eSnapshot | Western & Southern Life

Page URL History Show full URLs

https://bit.ly/3DCieRj HTTP 301
https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJ... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

36 %
IPv6

11
Domains

13
Subdomains

14
IPs

4
Countries

1148 kB
Transfer

3326 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.westernsouthern.com/?bu=wsl
Title: My Account Login

Search URL Search Domain Scan URL

URL: https://myaccount.westernsouthern.com/?bu=wsl&action=register
Title: Register Your Account

Search URL Search Domain Scan URL

URL: https://wsbrokerage.netxinvestor.com/nxi/login
Title: Pershing NetXInvestor Login

Search URL Search Domain Scan URL

URL: https://meetfabric.com/

Search URL Search Domain Scan URL

URL: https://www.gerberlife.com/

Search URL Search Domain Scan URL

URL: https://www.finra.org/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WesternSouthernFinancialGroup/

Search URL Search Domain Scan URL

URL: https://twitter.com/westernsouthern

Search URL Search Domain Scan URL

URL: https://www.instagram.com/westernandsouthern/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-western-and-southern-life-insurance-company

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wsfg/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@westernsouthernlife

Search URL Search Domain Scan URL

URL: http://www.google.com/policies/privacy/partners/
Title: www.google.com/policies/privacy/partners/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3DCieRj HTTP 301
https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request esnapshot Show response
www.westernsouthern.com/wslife/
Redirect Chain

https://bit.ly/3DCieRj
https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIy...

298 KB
66 KB

1415ms
941ms

Document
text/html

45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b1a9173af95ddf1bbd979b71b31a839f2f05dc386561e94256c8dbf1cd52bfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: origin
access-control-allow-methods: GET
cache-control: public, s-maxage=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 09:10:34 GMT
item-path: /sitecore/content/WesternSouthern/Home/WSLife/eSnapshot
last-fetch-timestamp: 03/26/2024 09:10:34.701
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
strict-transport-security: max-age=31536000; includeSubDomains; preload
template-path: /sitecore/templates/Project/WesternSouthern/Page Type/Multi Instance Templates/Flexible Full Width Page
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-iinfo: 6-34462434-34462445 NNNN CT(87 197 0) RT(1711444233509 28) q(0 0 3 1) r(4 9) U18
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 344
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 09:10:33 GMT
location: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 VisitorIdentification.js Show response
www.westernsouthern.com/layouts/system/ 1 KB
923 B 25ms
24ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/layouts/system/VisitorIdentification.js

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0675bcbfa46c1428f1646329585fecbcecce84733eef11f618d471a0f77a16ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 421848, 151112, 11291
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 971) q(0 -1 -1 -1) r(0 -1)
content-length: 729
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:33:14 GMT
etag: "0e9d6866c75da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=604800, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 hotjar-2703833.js Show response
static.hotjar.com/c/ 14 KB
5 KB 108ms
62ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2703833.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

7c7ebd10112d797ecfb4e0ddc42882c69724c8c4863b890dfef49062cb597fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 09:10:34 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/f52e3409c6fcf3664daa6259c045f976
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: oldBksQeyM1ilhzyXPeTTTqP2kJBu_DSBZYo8fqAuJKpY_gG6DD4mA==

GET
H2 200 ai.3.gbl.min.js Show response
js.monitor.azure.com/scripts/b/ 139 KB
66 KB 132ms
27ms Script
text/javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js
Requested by: Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 594a8f63a9d4f658f3f759ce9eac4e5e82e70ec45a8ff21349079c121b71e713

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:28:55 GMT
x-ms-meta-aijssdkver: 3.1.1
vary: Accept-Encoding
x-azure-ref: 20240326T091034Z-ufddfe4fbd6c1bhunrn7fr52h4000000038000000000rbae
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 21fd2091-f01e-00c9-65ed-7a6fdc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.3.1.1.gbl.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 vendors.min.css
www.westernsouthern.com/css/ 219 KB
47 KB 46ms
45ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/vendors.min.css?v=932c356ce738018ea6c16d6a57a96511

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

575713abfecfef5a1ec718eba015252750d79be81d2db109b79570946ccd03ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 994591, 2048, 7691
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1088) q(0 -1 -1 -1) r(0 -1)
content-length: 47696
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:36:58 GMT
etag: "0995ac6d75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 common.bundle.min.css
www.westernsouthern.com/css/ 580 KB
103 KB 64ms
63ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/common.bundle.min.css?v=9318c05db66bf5fb766028c8cf971247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d14b010063d754d348533eb599913711340a075c3e660b084a9bac10e2f9f78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 994590, 2048, 7691
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1107) q(0 -1 -1 -1) r(0 -1)
content-length: 105208
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:37:06 GMT
etag: "04d1f116d75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 wslife.bundle.min.css
www.westernsouthern.com/css/ 19 KB
5 KB 76ms
75ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/wslife.bundle.min.css?v=8c1fa8d90a2978124933784bc3849e7d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

441eabbcd6d06eff249b71a13939a2931731d0267e5dcd0f7bd64fdf61b51277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 793503, 207767, 3045
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1118) q(0 -1 -1 -1) r(0 -1)
content-length: 4639
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:37:06 GMT
etag: "04d1f116d75da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 GetButtonThemesCss
www.westernsouthern.com/api/sitecore/LayoutApi/ 3 KB
903 B 485ms
484ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/api/sitecore/LayoutApi/GetButtonThemesCss?revision={BD3ECAEB-A652-4A74-80A1-C522AE5264F5}

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ab8b6f29bf8b912b24ac97188577ec665ed7ca6e98feb7a712cda5bd378631ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 6-34462434-34462730 NNNN CT(95 186 0) RT(1711444233509 1125) q(0 0 3 -1) r(4 4) U18
content-length: 594
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
access-control-allow-headers: origin

GET
H2 200 vendors-fontawesome.min.css
www.westernsouthern.com/css/ 80 KB
20 KB 97ms
96ms Stylesheet
text/css 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/css/vendors-fontawesome.min.css?v=bcb2ff18caf0b3e7d0434352e90f7b80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

66cf8d752ae65017a985bb83841301977705c80eb4b3b44535c761ad129797ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 994590, 2049, 7691
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1133) q(0 -1 -1 -1) r(0 -1)
content-length: 20793
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:37:02 GMT
etag: "0f3bce6d75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-variable.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 42 KB
42 KB 30ms
29ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-variable.woff2?rev=158e149fe85c43c3aa5de24d3e4e9fb9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1ebdaa44472e721ae13d0fb770522938baae01493769ebca3a6ae7cddbb3f5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1164507
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1072) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-variable.woff2"
content-length: 42832
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jul 2020 20:07:19 GMT
etag: 8007892bc9cb4cfbb7e1b98d40cb2bd5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.westernsouthern.com
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: e0MGM4/CihD997Ws36AkDAqRAmYAAAAABXxiW1IyPG2CKL61e08ZAA==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-logo.svg
www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/ 5 KB
2 KB 98ms
97ms Image
image/svg+xml 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/ws-logo.svg?rev=38ef227a9dd34d57afbb2e1803cb2e6f&la=en&hash=A73F98712242BC100E67B0C3E13B81E9FA4AB374

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

98b5923561e6f978bcf8c6b550df6c935ed06237723f1d36d0c1b1ca61690d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1181870
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1137) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="WS Logo.svg"
content-length: 2164
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 12:57:30 GMT
etag: 83dcff15f48b4cf695b7d5eec24cdaf8
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 western-southern-life-logo.png
www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/business-name-logo/ 1 KB
1 KB 98ms
98ms Image
image/png 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/feature/westernsouthern/globals/logos/business-name-logo/western-southern-life-logo.png?rev=7a05d9e36fa34d558b0aa183db2248ee&la=en&h=46&w=249&hash=50B73728DEB6A03FBD3A98810693A8E1D22CF547

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b0b470d30a6ce6bcbbc1c58c028fc2ba44b7c34fb6b30aef5e49a28b6664eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 281288, 7270, 900660
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1139) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="western-southern-life-logo.png"
content-length: 1320
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Feb 2019 16:15:23 GMT
etag: 19f49d695a714f75829e1b9df95c0812
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-brands-400.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 1 KB
1 KB 98ms
97ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-brands-400.woff2?rev=b79e69054bab44529b9dda6f33fc5952

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3322bd3fbb77d1ac9e51ef28e3ea572e53be13d27c78e38310070b5d538c719b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1164507
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1143) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-brands-400.woff2"
content-length: 1212
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Mar 2021 13:46:57 GMT
etag: b989fba043d64a35b7db51423f4e3d30
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: wYQvTW+1fSj997Ws36AkDAqRAmYAAAAApKWwMmveuM+dxPGYv5unaw==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-solid-900.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 3 KB
4 KB 99ms
99ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-solid-900.woff2?rev=7178e305056a41498222b1ade50a00e3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

68cea196e24e56b54a6bf4435d6de70c5fed6357e504e6524f113c8636085fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1164507
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1145) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-solid-900.woff2"
content-length: 3368
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Jul 2022 17:55:00 GMT
etag: dde3c08138d04365869ed68bf774dab2
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: yj6vE/BNp2T997Ws36AkDAqRAmYAAAAAqJ0FB7Yzc7Pwvq7pYxyQmw==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 ws-custom-fa-regular-400.woff2
www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ 4 KB
4 KB 101ms
101ms Font
application/octet-stream 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/fonts/woff2/ws-custom-fa-regular-400.woff2?rev=098a6b52732c47ebade273dd7927c0db

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88a734d48331c2e70db108c58d42a2c8164a6cbce49544c93624cdf85edc2eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1164506
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1147) q(0 -1 -1 -1) r(0 -1)
content-disposition: attachment; filename="ws-custom-fa-regular-400.woff2"
content-length: 3688
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Apr 2021 17:37:59 GMT
etag: 3122cdfd562145caabf9ff638dc8a8e5
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/octet-stream
cache-control: max-age=2592000, public
x-incap-sess-cookie-hdr: DEUtIeJB0nz997Ws36AkDAqRAmYAAAAA590uPwNrfzIf5tx+2Z2Lpw==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 modules.0ce9b654b0ac7fef3cf0.js Show response
script.hotjar.com/ 220 KB
55 KB 82ms
25ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2703833.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 410128
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55498
last-modified: Thu, 21 Mar 2024 15:14:32 GMT
etag: "115ac93274d69bd2c455fda9dea090c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rglcErC8xT119lGbKp9w9n8ExHaiUVgY6Vyrl7nouCJqrGN8b44dug==

GET
H2 200 instagram-social-icon.svg
www.westernsouthern.com/-/media/foundation/westernsouthern/linkmenuitem/ 2 KB
1 KB 25ms
25ms Image
image/svg+xml 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernsouthern.com/-/media/foundation/westernsouthern/linkmenuitem/instagram-social-icon.svg?rev=cebfcc8324d54b329428f7c0f42e41e3&la=en&h=37&w=37&hash=F5DF3B23465C2C688312A1534E6427C53CD98A10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3ee1d8529a78f0f109465eae8e7c518a09579b9af5de1d3b44756a5486dcd63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1181870
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1157) q(0 -1 -1 -1) r(0 -1)
content-disposition: inline; filename="instagram-social-icon.svg"
content-length: 791
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jul 2019 18:13:33 GMT
etag: cfa204c067194a5693c480d1b7e4d47c
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 jquery.min.js Show response
www.westernsouthern.com/vendors/jquery/ 103 KB
32 KB 26ms
26ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/jquery/jquery.min.js?v=0ca370e63fd5e30321d97a4d0a391b72

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

62e310886359dddf8bdfc29af3cc50c6ef49da8e89a7ff98ade68800ce638ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1188181, 713, 354
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1188) q(0 -1 -1 -1) r(0 -1)
content-length: 32349
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 main.min.js Show response
www.westernsouthern.com/scripts/bundles/ 221 KB
90 KB 29ms
28ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19875462e7250bdf6bc69bb1da15fc99d00970ae4f607ce5cf65f934fb13169d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 994591, 12, 9973
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1191) q(0 -1 -1 -1) r(1 -1)
content-length: 91522
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 17:36:14 GMT
etag: "0bb20f26c75da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 fa-brands-400.woff2
www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/ 73 KB
73 KB 34ms
34ms Font
font/woff2 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/fa-brands-400.woff2?v=8cce9d0aa5cffeee10f5aafcdf6723be

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1164506
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1219) q(0 -1 -1 -1) r(0 -1)
content-length: 74652
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: 7RCYIkwoOVL997Ws36AkDAqRAmYAAAAAXanT+defJY2R6Hudm1n2uw==
accept-ranges: bytes
access-control-allow-headers: origin

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 242ms
94ms XHR
application/json 63.34.228.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2703833&gzip=1
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.34.228.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-228-124.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c353954a78da27cd3b7989a2ddca2f2e293b8b6914058c711558903377971b0c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 09:10:35 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 Index Show response
www.westernsouthern.com/api/sitecore/GetAntiForgeryToken/ 124 B
680 B 139ms
138ms XHR
application/json 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/api/sitecore/GetAntiForgeryToken/Index

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

23a979970b3affbaefedffbd0d482240948bdb0446ecc8383544197c383df94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-8d6ce3d00eed4ce7ad2f512f8b755d8a-f3238846fd9b4065-01
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
X-Requested-With: XMLHttpRequest
Request-Id: |8d6ce3d00eed4ce7ad2f512f8b755d8a.f3238846fd9b4065
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 6-34462434-34462445 PNNN RT(1711444233509 1320) q(0 0 0 -1) r(1 1) U19
content-length: 260
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private
access-control-allow-headers: origin

GET
H2 200 fa-regular-400.woff2
www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/ 149 KB
149 KB 26ms
25ms Font
font/woff2 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/vendors/fontawesome-pro-5.10.1-web/webfonts/fa-regular-400.woff2?v=d3d31317d040f3dd097bfa4401941d28

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Origin: https://www.westernsouthern.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
age: 1164506
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1344) q(0 -1 -1 -1) r(0 -1)
content-length: 152192
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 19:57:22 GMT
etag: "07daa57806ada1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: n4HabRDrCFX997Ws36AkDAqRAmYAAAAAptnZDNFYeVCJmIfqZ9ik3g==
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 2154.min.js Show response
www.westernsouthern.com/scripts/bundles/ 71 KB
29 KB 29ms
28ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/2154.min.js?v=f6237e1b6198574fe798

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4948a5b72b5d9a800f238dd46da241a96b0bdf787c1d5349aa788f186a0940e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 994590, 7325, 187355
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1356) q(0 -1 -1 -1) r(0 -1)
content-length: 29706
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 9779.min.js Show response
www.westernsouthern.com/scripts/bundles/ 29 KB
12 KB 31ms
31ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/9779.min.js?v=b83e65ac6daf464e9bbb

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

27931b1f5bb88d23648755f57eaa6c3351bc303596dce25e395b944617ff0a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 994590, 736, 193945
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1361) q(0 -1 -1 -1) r(0 -1)
content-length: 11973
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 validation.min.js Show response
www.westernsouthern.com/scripts/bundles/ 4 KB
2 KB 35ms
34ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/validation.min.js?v=9b97784178bf1def1606

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f75bfcf52eff37055c6ba37438bdd1e48ec69a563d08c73690db48057aa61f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 638397, 550138, 712
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1366) q(0 -1 -1 -1) r(0 -1)
content-length: 2167
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 custom-forms.min.js Show response
www.westernsouthern.com/scripts/bundles/ 6 KB
3 KB 37ms
37ms Script
application/x-javascript 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/scripts/bundles/custom-forms.min.js?v=d12e355855aeb6cc6afd

Requested by

Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/scripts/bundles/main.min.js?v=def9f635344ebc73bd18392beef35719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

77de4868fc9f329d5504f68d0e76e42039ec7c0b1f128ce54cc7e78651bf84c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 638397, 550138, 712
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 1369) q(0 -1 -1 -1) r(0 -1)
content-length: 2625
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Feb 2024 20:00:20 GMT
etag: "022c3c1806ada1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-methods: GET
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 382 KB
107 KB 112ms
60ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a278f6ddde54c9612a182767d93a979f2ad69662d0f97664247e5086253ec824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 09:10:35 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95cd097bdc42bd04ccef8ba0c937efbf51ee75bf49cd0cf9e53f7a4d346cc4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 09:10:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91V5L64MGX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fd3a1dfec7995191e091515fc9558c830f80093287374c6247e0b2e8a0a4de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 09:10:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
20ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTQS585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 07:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4947
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Mar 2024 09:48:08 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-30931.us.tvsquared.com/ 20 KB
9 KB 487ms
119ms Script
application/javascript 18.223.63.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-30931.us.tvsquared.com/tv2track.js
Requested by: Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.223.63.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-223-63-188.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 09:10:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx
ETag: "65d377e7-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 26 Mar 2024 09:20:35 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 78ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-91V5L64MGX&gtm=45je43p0v893566888z877497308za200&_p=1711444235163&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1745268585.1711444235&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711444235&sct=1&seg=0&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fesnapshot%3Fagentid%3D567210%26hss_meta%3DeyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9&dt=eSnapshot%20%7C%20Western%20%26%20Southern%20Life&en=Web%20Vitals&_fv=1&_nsi=1&_ss=1&ep.business_unit=WSLife&ep.content_group=(other)&ep.content_sub_group=WSL&ep.effective_connection_type=4g&epn.device_width=1600&epn.device_height=1113&ep.criticalCSS=true&ep.SaveData=false&ep.NavigationType=navigate&epn.Score=1731&ep.Rating=Good&ep.Element=&ep.Metric=FCP&tfd=2296
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 09:10:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 87ms
29ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-91V5L64MGX&cid=1745268585.1711444235&gtm=45je43p0v893566888z877497308za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-91V5L64MGX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 09:10:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 92ms
47ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-91V5L64MGX&cid=1745268585.1711444235&gtm=45je43p0v893566888z877497308za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=286048348

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 09:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 28ms
28ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1858093956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fesnapshot%3Fagentid%3D567210%26hss_meta%3Deyjvcmdhbml6yxrpb25fawqioiazotesicjncm91cf9pzci6idc2ndiyncwgimfzc2v0x2lkijogmtc4nju0nywgimdyb3vwx2nvbnrlbnrfawqioiaxmtg0odiymtysicjncm91cf9uzxr3b3jrx2nvbnrlbnrfawqioiaxodq4mja4ndd9&dp=%2Fwslife%2Fesnapshot&ul=en-us&de=UTF-8&dt=eSnapshot%20%7C%20Western%20%26%20Southern%20Life&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAEABAAAAACgAI~&jid=5464242&gjid=2021196845&cid=1745268585.1711444235&tid=UA-5364019-1&_gid=665072066.1711444235&_r=1&_slc=1&gtm=45He43p0n81KTQS585v77497308za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1068849848

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 09:10:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westernsouthern.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-30931.us.tvsquared.com/ 42 B
276 B 117ms
117ms Image
image/gif 18.223.63.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-30931.us.tvsquared.com/tv2track.php?action_name=eSnapshot%20%7C%20Western%20%26%20Southern%20Life&idsite=TV-6390096381-1&rec=1&r=130334&h=10&m=10&s=35&url=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fesnapshot%3Fagentid%3D567210%26hss_meta%3DeyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9&_id=73062e023c5b3e3e&_idts=1711444236&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=800x600&gt_ms=1145
Requested by: Host: www.westernsouthern.com
URL: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.223.63.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-223-63-188.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Tue, 26 Mar 2024 09:10:35 GMT
Server: nginx
Connection: keep-alive
Request-Id: e67e6a67-1737-4526-bf67-ed12eb542f5f
Content-Length: 42
Content-Type: image/gif

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1858093956&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fesnapshot%3Fagentid%3D567210%26hss_meta%3Deyjvcmdhbml6yxrpb25fawqioiazotesicjncm91cf9pzci6idc2ndiyncwgimfzc2v0x2lkijogmtc4nju0nywgimdyb3vwx2nvbnrlbnrfawqioiaxmtg0odiymtysicjncm91cf9uzxr3b3jrx2nvbnrlbnrfawqioiaxodq4mja4ndd9&dp=%2Fwslife%2Fesnapshot&ul=en-us&de=UTF-8&dt=eSnapshot%20%7C%20Western%20%26%20Southern%20Life&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=Scroll&ea=eSnapshot%20%7C%20Western%20%26%20Southern%20Life&el=25%25&_u=aADAAEABAAAAACgAI~&jid=&gjid=&cid=1745268585.1711444235&tid=UA-5364019-1&_gid=665072066.1711444235&gtm=45He43p0n81KTQS585v77497308za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1041138513

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 19:26:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
www.westernsouthern.com/-/media/project/westernsouthern/images/wsfg/icons/ 15 KB
5 KB 28ms
27ms Other
image/x-icon 45.60.156.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernsouthern.com/-/media/project/westernsouthern/images/wsfg/icons/favicon.ico?rev=a57d52f1ef584390b35ba3ef6b37fbef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.156.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9985631b47a45ea805426ef49ec2d0cd410bce43fe122dcc8106013321a483e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
age: 1164505
x-iinfo: 6-34462434-0 0CNN RT(1711444233509 2189) q(0 -1 -1 -1) r(1 -1)
content-disposition: inline; filename="favicon.ico"
content-length: 4846
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:a743685b-7626-4dd8-a628-3253106c1e82
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 May 2019 02:11:43 GMT
etag: 0229d1bf86054fbfa2a9316ac1a5343e
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-methods: GET
cache-control: max-age=2592000, public
accept-ranges: bytes
access-control-allow-headers: origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1858093956&t=timing&_s=2&dl=https%3A%2F%2Fwww.westernsouthern.com%2Fwslife%2Fesnapshot%3Fagentid%3D567210%26hss_meta%3Deyjvcmdhbml6yxrpb25fawqioiazotesicjncm91cf9pzci6idc2ndiyncwgimfzc2v0x2lkijogmtc4nju0nywgimdyb3vwx2nvbnrlbnrfawqioiaxmtg0odiymtysicjncm91cf9uzxr3b3jrx2nvbnrlbnrfawqioiaxodq4mja4ndd9&dp=%2Fwslife%2Fesnapshot&ul=en-us&de=UTF-8&dt=eSnapshot%20%7C%20Western%20%26%20Southern%20Life&sd=24-bit&sr=800x600&vp=1600x1113&je=0&plt=2820&pdt=203&dns=0&rrt=202&srt=942&tcp=48&dit=1839&clt=1977&_gst=2208&_gbt=2312&_u=aADAAEABAAAAACgAI~&jid=&gjid=&cid=1745268585.1711444235&tid=UA-5364019-1&_gid=665072066.1711444235&gtm=45He43p0n81KTQS585v77497308za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=967881370

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 19:26:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 track
eastus-8.in.applicationinsights.azure.com/v2/ 0
0 635ms
215ms Preflight 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.westernsouthern.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Tue, 26 Mar 2024 09:10:35 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
eastus-8.in.applicationinsights.azure.com/v2/ 62 B
166 B 110ms
110ms XHR
application/json 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b77934d05bdd2a58f476814325af7edfccad6f36b47247c3f10c6250891bafd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.westernsouthern.com/wslife/esnapshot?agentid=567210&hss_meta=eyJvcmdhbml6YXRpb25faWQiOiAzOTEsICJncm91cF9pZCI6IDc2NDIyNCwgImFzc2V0X2lkIjogMTc4NjU0NywgImdyb3VwX2NvbnRlbnRfaWQiOiAxMTg0ODIyMTYsICJncm91cF9uZXR3b3JrX2NvbnRlbnRfaWQiOiAxODQ4MjA4NDd9
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Tue, 26 Mar 2024 09:10:35 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 23:43:16	Name: _bit Value: o2q9ax-1ab95bad9c9f37422e-00c
.www.westernsouthern.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 14b7dcc5faee702e659e3090ce7f06a12356ef47da2a301f51b2148b4da376dc
.www.westernsouthern.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 14b7dcc5faee702e659e3090ce7f06a12356ef47da2a301f51b2148b4da376dc
.westernsouthern.com/	1970-01-21 04:09:04	Name: visid_incap_2261758 Value: Y6cB3gAsS0ypPdqdWza2wwmRAmYAAAAAQUIPAAAAAADk4OVGFYP8HvIOhdD/NWcs
.westernsouthern.com/	1969-12-31 23:59:59	Name: nlbi_2261758 Value: bcFfM5nI4n9QRq/nx292mAAAAAANkz9mZdwBoEXowpbzy7uR
.westernsouthern.com/	1969-12-31 23:59:59	Name: incap_ses_875_2261758 Value: XKpTZV6Sfgn997Ws36AkDAqRAmYAAAAAAwtw1+h9XotdfZkbDa5XOA==
www.westernsouthern.com/	1970-01-21 04:09:40	Name: ai_user Value: /6mmM6Y5DQhVMeWc7q9tBZ\|2024-03-26T09:10:34.997Z
.westernsouthern.com/	1970-01-21 04:09:40	Name: _hjSessionUser_2703833 Value: eyJpZCI6IjIxNjg5MjNjLWNmNjgtNTlhYS1hZjcwLTdlMGIzZWU4ZDgwZiIsImNyZWF0ZWQiOjE3MTE0NDQyMzUwNTEsImV4aXN0aW5nIjp0cnVlfQ==
.westernsouthern.com/	1970-01-20 19:24:06	Name: _hjSession_2703833 Value: eyJpZCI6Ijk5MWQ5NmQwLWRjZTItNDFhMC1iYTA3LThjZjI4MDE2MGMwOCIsImMiOjE3MTE0NDQyMzUwNTEsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.westernsouthern.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: -c3B3N3L60OHzLJoPgg9Pujqj7jsBK5fbeR4H2VUYJQJ25RYvlo0luetCS4KJZUlmVpBTDdCiw41l4RsZPJAs0_WknZg80pKKp1u3kBu9hw1
www.westernsouthern.com/	1970-01-20 19:24:06	Name: ai_session Value: t5PdgXuPB/lHfbw4lOL8Pd\|1711444235257\|1711444235257
www.westernsouthern.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mvp1mi3sgkqvxs3u1d0015cg
www.westernsouthern.com/	1970-01-21 05:00:04	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 212e408c272b40fca313ae84eedf0c2c\|False
.westernsouthern.com/	1970-01-20 21:33:40	Name: _gcl_au Value: 1.1.629760701.1711444235
.westernsouthern.com/	1970-01-21 05:00:04	Name: _ga Value: GA1.2.1745268585.1711444235
.westernsouthern.com/	1970-01-20 19:25:30	Name: _gid Value: GA1.2.665072066.1711444235
.westernsouthern.com/	1970-01-20 19:24:04	Name: _gat_UA-5364019-1 Value: 1
www.westernsouthern.com/	1970-01-21 05:00:04	Name: _tq_id.TV-6390096381-1.d94f Value: 73062e023c5b3e3e.1711444236.0.1711444236..
.westernsouthern.com/	1970-01-21 05:00:04	Name: _ga_91V5L64MGX Value: GS1.1.1711444235.1.1.1711444235.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
collector-30931.us.tvsquared.com
content.hotjar.io
eastus-8.in.applicationinsights.azure.com
js.monitor.azure.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.westernsouthern.com
13.32.27.107
172.217.16.195
172.217.18.110
18.223.63.188
18.66.97.37
2001:4860:4802:34::178
2001:4860:4802:34::36
2620:1ec:bdf::63
2a00:1450:4001:828::2008
2a00:1450:400c:c00::9d
45.60.156.176
52.188.247.148
63.34.228.124
67.199.248.10
0675bcbfa46c1428f1646329585fecbcecce84733eef11f618d471a0f77a16ee
0fd3a1dfec7995191e091515fc9558c830f80093287374c6247e0b2e8a0a4de7
19875462e7250bdf6bc69bb1da15fc99d00970ae4f607ce5cf65f934fb13169d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ebdaa44472e721ae13d0fb770522938baae01493769ebca3a6ae7cddbb3f5c0
23a979970b3affbaefedffbd0d482240948bdb0446ecc8383544197c383df94c
27931b1f5bb88d23648755f57eaa6c3351bc303596dce25e395b944617ff0a84
3322bd3fbb77d1ac9e51ef28e3ea572e53be13d27c78e38310070b5d538c719b
3ee1d8529a78f0f109465eae8e7c518a09579b9af5de1d3b44756a5486dcd63e
441eabbcd6d06eff249b71a13939a2931731d0267e5dcd0f7bd64fdf61b51277
4948a5b72b5d9a800f238dd46da241a96b0bdf787c1d5349aa788f186a0940e6
575713abfecfef5a1ec718eba015252750d79be81d2db109b79570946ccd03ea
594a8f63a9d4f658f3f759ce9eac4e5e82e70ec45a8ff21349079c121b71e713
62e310886359dddf8bdfc29af3cc50c6ef49da8e89a7ff98ade68800ce638ff1
66cf8d752ae65017a985bb83841301977705c80eb4b3b44535c761ad129797ca
68cea196e24e56b54a6bf4435d6de70c5fed6357e504e6524f113c8636085fe5
77de4868fc9f329d5504f68d0e76e42039ec7c0b1f128ce54cc7e78651bf84c5
7c7ebd10112d797ecfb4e0ddc42882c69724c8c4863b890dfef49062cb597fc4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
88a734d48331c2e70db108c58d42a2c8164a6cbce49544c93624cdf85edc2eee
95cd097bdc42bd04ccef8ba0c937efbf51ee75bf49cd0cf9e53f7a4d346cc4cb
98b5923561e6f978bcf8c6b550df6c935ed06237723f1d36d0c1b1ca61690d5c
9985631b47a45ea805426ef49ec2d0cd410bce43fe122dcc8106013321a483e8
9b0b470d30a6ce6bcbbc1c58c028fc2ba44b7c34fb6b30aef5e49a28b6664eb8
a278f6ddde54c9612a182767d93a979f2ad69662d0f97664247e5086253ec824
a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
ab8b6f29bf8b912b24ac97188577ec665ed7ca6e98feb7a712cda5bd378631ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9173af95ddf1bbd979b71b31a839f2f05dc386561e94256c8dbf1cd52bfd2
b77934d05bdd2a58f476814325af7edfccad6f36b47247c3f10c6250891bafd2
c353954a78da27cd3b7989a2ddca2f2e293b8b6914058c711558903377971b0c
d14b010063d754d348533eb599913711340a075c3e660b084a9bac10e2f9f78f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f75bfcf52eff37055c6ba37438bdd1e48ec69a563d08c73690db48057aa61f95

www.westernsouthern.com Open in urlscan Pro 45.60.156.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

36 %IPv6

11 Domains

13 Subdomains

14 IPs

4 Countries

1148 kBTransfer

3326 kBSize

19 Cookies

14 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.westernsouthern.com Open in urlscan Pro
45.60.156.176 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

36 %
IPv6

11
Domains

13
Subdomains

14
IPs

4
Countries

1148 kB
Transfer

3326 kB
Size

19
Cookies

42 HTTP transactions
1 data transactions