1stamericanmutual.com Open in urlscan Pro
45.40.153.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.1stamericanmutual.com/
Effective URL:
https://1stamericanmutual.com/
Submission: On February 17 via automatic, source certstream-suspicious (February 17th 2023, 7:07:32 pm UTC) — Scanned from DE

Summary HTTP 59 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 59 HTTP transactions. The main IP is 45.40.153.168, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is 1stamericanmutual.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 17th 2023. Valid for: a year.

This is the only time 1stamericanmutual.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	45.40.153.168 45.40.153.168	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
37	162.159.136.45 162.159.136.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	108.138.17.94 108.138.17.94	16509 (AMAZON-02) (AMAZON-02)
3	108.138.7.100 108.138.7.100	16509 (AMAZON-02) (AMAZON-02)
3 5	2.23.97.147 2.23.97.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223e:3000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:11a... 2a02:26f0:11a::5f65:1739	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.80.220.179 35.80.220.179	16509 (AMAZON-02) (AMAZON-02)
59	11

3 45.40.153.168 (United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 168.153.40.45.host.secureserver.net

www.1stamericanmutual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1stamericanmutual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 162.159.136.45 (None, )

ASN13335 (CLOUDFLARENET, US)

i7la06.p3cdn1.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-94.fra56.r.cloudfront.net

cdn.poynt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-100.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.97.147 (Vienna, Austria) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-147.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:3000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::5f65:1739 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.80.220.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-220-179.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	secureserver.net i7la06.p3cdn1.secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13072	364 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1024 q.stripe.com — Cisco Umbrella Rank: 6876 m.stripe.com — Cisco Umbrella Rank: 1033	110 KB
5	wsimg.com 3 redirects img1.wsimg.com — Cisco Umbrella Rank: 8608 img6.wsimg.com — Cisco Umbrella Rank: 10360	20 KB
4	gstatic.com fonts.gstatic.com	64 KB
3	1stamericanmutual.com 1 redirects www.1stamericanmutual.com 1stamericanmutual.com	13 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1149	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	poynt.net cdn.poynt.net — Cisco Umbrella Rank: 125164	100 KB
59	8

	Domain	Requested by
37	i7la06.p3cdn1.secureserver.net	1stamericanmutual.com i7la06.p3cdn1.secureserver.net
4	fonts.gstatic.com	fonts.googleapis.com
3	q.stripe.com	1stamericanmutual.com
3	img1.wsimg.com	3 redirects
3	js.stripe.com	1stamericanmutual.com js.stripe.com
2	events.api.secureserver.net	img1.wsimg.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	img6.wsimg.com	1stamericanmutual.com
2	fonts.googleapis.com	1stamericanmutual.com
2	1stamericanmutual.com	img1.wsimg.com
1	m.stripe.com	m.stripe.network
1	cdn.poynt.net	1stamericanmutual.com
1	www.1stamericanmutual.com	1 redirects
59	13

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.candidthemes.com

Subject Issuer	Validity	Valid
1stamericanmutual.com Go Daddy Secure Certificate Authority - G2	`2023-02-17` - `2024-03-20`	a year	crt.sh
*.p3cdn1.secureserver.net Starfield Secure Certificate Authority - G2	`2022-09-13` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.poynt.net Go Daddy Secure Certificate Authority - G2	`2022-12-07` - `2024-01-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2022-08-05` - `2023-09-06`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://1stamericanmutual.com/
Frame ID: 6D301ECC2EDD80BB6908CF449A5F3701
Requests: 51 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 8462977668BEF91352607D6DBA23C1D6
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4AEA22DB2B83AA21D7FB7F0526EA25A9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

First American Mutual – Helping seniors to get more out of their healthcare

Page URL History Show full URLs

https://www.1stamericanmutual.com/ HTTP 301
https://1stamericanmutual.com/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

59
Requests

97 %
HTTPS

36 %
IPv6

8
Domains

13
Subdomains

11
IPs

4
Countries

686 kB
Transfer

2574 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.candidthemes.com/
Title: Candid Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.1stamericanmutual.com/ HTTP 301
https://1stamericanmutual.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

Request Chain 39

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1stamericanmutual.com/
Redirect Chain

https://www.1stamericanmutual.com/
https://1stamericanmutual.com/

53 KB
12 KB

177ms
175ms

Document
text/html

45.40.153.168
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.40.153.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

168.153.40.45.host.secureserver.net

Software

openresty /

Resource Hash

2b2901d269e0829f37c124f1d576db9194fb27c601743c842f1dbb0660090d97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
age: 1
content-encoding: gzip
content-length: 12243
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 19:06:42 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,20,24
x-php-version: 8.0
x-xss-protection: 1; mode=block

Redirect headers

age: 1810
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 19:06:42 GMT
location: https://1stamericanmutual.com/
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,20,24
x-php-version: 8.0
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H2 200 stripe-settings.css
i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/css/ 865 B
434 B 291ms
214ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/css/stripe-settings.css?time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070e914943207fab6d6e7db6a1efd0c2f60b47afcabd4bc29f6a87f9d9e63d6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9272bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 pay-in-person-method.css
i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/css/ 8 KB
2 KB 284ms
207ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/css/pay-in-person-method.css?time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd46d35145dc6c9125b21ceb7256741d7e5771e04b2290947ffc2fcfa1a81452

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9292bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 style.min.css
i7la06.p3cdn1.secureserver.net/wp-includes/css/dist/block-library/ 93 KB
12 KB 295ms
219ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b92b2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 wc-blocks-vendors-style.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 10 KB
2 KB 708ms
633ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.4.3&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d38ebe31a12e6c88de4f40af63dd23841c9879f168a8824aa475029ef59dd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9462bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 wc-blocks-style.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 249 KB
26 KB 346ms
271ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.4.3&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19d39ff5dc5ce5a1a86862db60eae3b00770724177c1b123f28003b38f7fc8bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9482bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 style-coblocks-1.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/ 266 KB
35 KB 343ms
268ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=2.25.5&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e348a28158bf359c0a430a38317a407e417b901a2e492836a8410cfdffc9afd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:39 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b93e2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 classic-themes.min.css
i7la06.p3cdn1.secureserver.net/wp-includes/css/ 217 B
223 B 293ms
218ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/css/classic-themes.min.css?ver=1&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9442bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 woocommerce-layout.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/css/ 17 KB
3 KB 305ms
231ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29934ab52db572c893d40563016fedd46dc3da5bb231af5d5b187e7fe66be9d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9322bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 woocommerce.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/css/ 73 KB
9 KB 315ms
241ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509be74020caaaf83a87d9b552b8ff49bc79efd821240a94ad4f7c48acefaf1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b93c2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 style.min.css
i7la06.p3cdn1.secureserver.net/wp-includes/css/dist/components/ 80 KB
12 KB 314ms
240ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/css/dist/components/style.min.css?ver=6.1.1&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa4b49ff6d9d13c3a6457408ace18c4ce06399ab0af5f324dcb8d01d807e3c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9412bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 latest.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/ 13 KB
1 KB 307ms
233ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:39 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9432bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
905 B 111ms
44ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.1.1

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ed853531d5f6c6783cdc5c34a1478213b1779a084014bd4b1b312b83db85f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Feb 2023 19:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 19:07:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Feb 2023 19:07:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
589 B 112ms
45ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.1.1

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b3f42346f3e78b95f2df7b412c9f68f75dba129bdd1c7efb5b24064a1d0fde5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Feb 2023 19:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 18:18:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Feb 2023 19:07:26 GMT

GET
H2 200 font-awesome.min.css
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/ 30 KB
7 KB 297ms
223ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9332bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 slick.css
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 2 KB
632 B 288ms
215ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.css?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b92e2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 slick-theme.css
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 3 KB
928 B 307ms
233ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-theme.css?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9402bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 style.css
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/ 102 KB
18 KB 329ms
255ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/style.css?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a17db44ec5e656a0a27b74532c4105d13af1be688bc9275901638a009574f99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b9302bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 payment-form.css
i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/css/ 825 B
335 B 290ms
217ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/css/payment-form.css?time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdaeb64b21a7c95a84c49a72146305e45a21a24643cf1b7280513912c633438d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b92c2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 jquery.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-includes/js/jquery/ 88 KB
31 KB 322ms
249ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b94a2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-includes/js/jquery/ 11 KB
4 KB 315ms
242ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b94b2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H/1.1 200
OK collect.js Show response
cdn.poynt.net/ 458 KB
100 KB 418ms
9ms Script
application/x-javascript 108.138.17.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect.js
Requested by: Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68412b94826b8f9aaa8094e14907ba77260e9e7a9daa9745038972a15685029b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 7V1uQ_NpE4xUyR6NsCRqer5Q_z3hKCc4
Content-Encoding: gzip
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
Date: Fri, 17 Feb 2023 01:42:31 GMT
X-Amz-Cf-Pop: FRA56-P7
Age: 62696
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Last-Modified: Thu, 16 Feb 2023 01:42:18 GMT
Server: AmazonS3
ETag: W/"ba9cc47e61056b3874e1f6c07a147137"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Amz-Cf-Id: iK68YUkrcktOUJPi_SwhKH_czQwRie0-PKihmdbXLucvb6P79FJLWA==

GET
H2 200 poynt.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/js/payments/frontend/ 10 KB
3 KB 730ms
658ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/js/payments/frontend/poynt.js?time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c9922a9f59e574718ff84303941bb406193f0ae339be53027c50e554ae3ed7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b94d2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 438 KB
105 KB 104ms
16ms Script
text/javascript 108.138.7.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-100.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6311b70565e6ed451b262270b272d6bc208a840a59127258655f27d936135b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 19:07:26 GMT
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1
x-cache: Hit from cloudfront
last-modified: Fri, 17 Feb 2023 15:47:51 GMT
server: Cloudfront
etag: W/"4e938c4b724be202ff93a669a655c0f1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: o8AQbg8kasnyD95ReLfHCwVWvQd6FpXNVuE8m8cqPjQjLGhqT9IgLg==

GET
H2 200 stripe.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/js/payments/frontend/ 10 KB
3 KB 306ms
234ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/mu-plugins/gd-system-plugin/plugins/mwc-core/assets/js/payments/frontend/stripe.js?time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483ff33c3674c73af399296211c73db28bf6380c0dc496867d9a0b0e73559968

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:26 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce50b94e2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:26 GMT

GET
H3 200 home-image-1.jpg
i7la06.p3cdn1.secureserver.net/wp-content/uploads/2023/02/ 65 KB
66 KB 383ms
381ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/uploads/2023/02/home-image-1.jpg

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea03781d6e73a2b65945f7dc0427a3b1934ca8fcd09df3996dcf716f6c2942d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66666
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:20 GMT
x-php-version: 8.0
server: cloudflare
etag: "1046a-5f4e96c03b5f9"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 79b0ce54e857698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H2 200 coblocks-animation.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 412 B
347 B 189ms
188ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.25.5&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:39 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54a87a2bbb-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 coblocks-lightbox.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 3 KB
1 KB 195ms
195ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-lightbox.js?ver=2.25.5&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073755b43f55a99987aa9f8d6b99239e8cdc9952fe4f1ef0275850610702a80b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:39 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54c810698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 jquery.blockUI.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 188ms
187ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e835698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 add-to-cart.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 198ms
194ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e842698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 js.cookie.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 195ms
191ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e843698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 woocommerce.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 195ms
191ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e845698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 cart-fragments.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 184ms
180ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-backend: local
age: 0
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:08 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cf-ray: 79b0ce54e847698b-FRA

GET
H3 200 navigation.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/js/ 3 KB
1 KB 665ms
661ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/js/navigation.js?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e84a698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/custom/js/ 15 KB
4 KB 697ms
693ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar.js?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794b9e10816a6252aef7eb75ced45cf53dd47eafe1773ab94c141727132460b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e84c698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 slick.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 90 KB
16 KB 208ms
205ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.js?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e850698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 imagesloaded.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-includes/js/ 5 KB
2 KB 194ms
191ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e852698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 masonry.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-includes/js/ 24 KB
8 KB 206ms
203ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/js/masonry.min.js?ver=4.2.2&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e854698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 custom.js Show response
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/custom/js/ 7 KB
2 KB 634ms
631ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/custom/js/custom.js?ver=1.3.7&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e855698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

45 KB
12 KB

23ms
23ms

Script
application/javascript

2.23.97.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by: Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/
Protocol: H2
Server: 2.23.97.147 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding: br
date: Fri, 17 Feb 2023 19:07:27 GMT
x-amz-request-id: FH0P3E93SF8PA32Y
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11347
x-amz-id-2: vfCRznBpTwUzsQTqqHQrPBdgJL8bd9m6fgJ2RsnQ7TUvg/tSMOpz6ogFdrj21JebiN+bK0g/VZM=
last-modified: Tue, 29 Nov 2022 21:26:18 GMT
etag: "5c3e20ad749ddb088afc84b1b7ff009e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin: *
date: Fri, 17 Feb 2023 19:07:27 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Fri, 17 Feb 2023 19:37:27 GMT

GET
H2

200

tti.min.js Show response
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

24 KB
8 KB

25ms
24ms

Script
application/javascript

2.23.97.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by: Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/
Protocol: H2
Server: 2.23.97.147 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 148
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding: br
date: Fri, 17 Feb 2023 19:07:27 GMT
x-amz-request-id: 836GEDG87AEEPZ3V
x-edgeconnect-midmile-rtt: 1
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7498
x-amz-id-2: 1p573ITy0o0T0ufkOZkP/+OCkgNr0sxd/pCUSQaWmdftOrsA/CN9I7heKTs2+rnywAcwGtmX76o=
last-modified: Tue, 18 Jan 2022 02:54:27 GMT
etag: "ce554d2333f3801abafb32da18213ff7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin: *
date: Fri, 17 Feb 2023 19:07:27 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Fri, 17 Feb 2023 19:37:27 GMT

GET
H3 200 wp-emoji-release.min.js Show response
i7la06.p3cdn1.secureserver.net/wp-includes/js/ 18 KB
5 KB 200ms
198ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:23:11 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e859698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H3 200 woocommerce-smallscreen.css
i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 212ms
210ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.4.0&time=1676660490

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:24:09 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 79b0ce54e85b698b-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 106ms
44ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1stamericanmutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:48:57 GMT
x-content-type-options: nosniff
age: 109109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:48:57 GMT

GET
H3 200 fontawesome-webfont.woff2
i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/ 75 KB
76 KB 226ms
211ms Font
font/woff2 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: i7la06.p3cdn1.secureserver.net
URL: https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7&time=1676660490

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i7la06.p3cdn1.secureserver.net/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7&time=1676660490
Origin: https://1stamericanmutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:07:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Feb 2023 18:50:26 GMT
x-php-version: 8.0
server: cloudflare
etag: "12d68-5f4e9c95fa2b1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 79b0ce550a00bba3-FRA
expires: Mon, 20 Mar 2023 19:07:27 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 73ms
22ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1stamericanmutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 16:42:33 GMT
x-content-type-options: nosniff
age: 95093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:42:33 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 74ms
24ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1stamericanmutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:20:50 GMT
x-content-type-options: nosniff
age: 74796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:20:50 GMT

GET
H2 200 7Aujp_0qiz-afTfcIyoiGtm2P0wG089z4eqVww.woff2
fonts.gstatic.com/s/muli/v28/ 17 KB
17 KB 77ms
27ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG089z4eqVww.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d2e60115031669a38bb90c91a4f32dd9ef56e6ca251cf29075f2f9e1fde70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1stamericanmutual.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:01:00 GMT
x-content-type-options: nosniff
age: 36386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17148
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 09:01:00 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 8462 200 B
1 KB 9ms
9ms Document
text/html 108.138.7.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-100.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1stamericanmutual.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1028
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 Feb 2023 18:50:30 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Mon, 13 Feb 2023 20:05:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-id: np7ljI6_zYYGF_Ve0UyHA0aOoDS9fPTUqQQNoZ35GyvpE10EXc55TQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 / Show response
1stamericanmutual.com/ 210 B
698 B 461ms
460ms XHR
application/json 45.40.153.168
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://1stamericanmutual.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.40.153.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

168.153.40.45.host.secureserver.net

Software

openresty /

Resource Hash

3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://1stamericanmutual.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 17 Feb 2023 19:06:44 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheproxy-retries: 0/2
content-length: 210
x-xss-protection: 1; mode=block
x-php-version: 8.0
server: openresty
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://1stamericanmutual.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-fawn-proc-count: 1,20,24
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 8462 0
599 B 645ms
182ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Feb 2023 19:07:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8462 0
600 B 643ms
181ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Feb 2023 19:07:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8462 631 B
1 KB 10ms
9ms Script
text/javascript 108.138.7.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-100.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 17 Feb 2023 18:11:40 GMT
x-content-type-options: nosniff
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3348
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 16 Feb 2023 18:37:33 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: g8SWQK79hAg8SIx9Q6PDSHlqqZBMHvQHZ52QqCeJ5z3WIf-j2PjDsw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4AEA 930 B
2 KB 83ms
9ms Document
text/html 2600:9000:223e:3000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 208
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 Feb 2023 19:04:00 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: TnOrArNPXLi8qgZtm7qYy4fvV4WHzNwhClja0yu4CkFd9tr4L43mrA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 4AEA 0
373 B 539ms
182ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: 1stamericanmutual.com
URL: https://1stamericanmutual.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: blue
pragma: no-cache
date: Fri, 17 Feb 2023 19:07:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 4AEA 86 KB
14 KB 10ms
9ms Script
text/javascript 2600:9000:223e:3000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 19:03:37 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 231
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: wUWdiU46nCGQSxjGS7GPSUlP-7DfXnE82D8g-OjZfEgrAuFSFOffAw==

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
294 B 221ms
132ms XHR
image/gif 2a02:26f0:11a::5f65:1739
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1676660847572&dh=1stamericanmutual.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&vci=1366692246&cv=2.0.1&z=961650864&vg=4a269791-c533-52f8-aae0-66d0943872ef&vtg=4a269791-c533-52f8-aae0-66d0943872ef&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d2e20213-db65-dad7-61f0-608fa1b90871.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD12%22%2C%22storage%22%3A%22p3cephmah006pod12_data03%22%2C%22xid%22%3A%2245000493%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%228.0.27%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22fairy%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22306%22%2C%22wp_alloptions_bytes%22%3A%2262098%22%7D&hit_id=b8d99878-aff7-5a63-89d0-4639a806ee71&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:11a::5f65:1739 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 17 Feb 2023 19:07:28 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://1stamericanmutual.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
294 B 206ms
119ms XHR
image/gif 2a02:26f0:11a::5f65:1739
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1676660847794&dh=1stamericanmutual.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&vci=1366692246&cv=2.0.1&z=1298167620&vg=4a269791-c533-52f8-aae0-66d0943872ef&vtg=4a269791-c533-52f8-aae0-66d0943872ef&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d2e20213-db65-dad7-61f0-608fa1b90871.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD12%22%2C%22storage%22%3A%22p3cephmah006pod12_data03%22%2C%22xid%22%3A%2245000493%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%228.0.27%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22fairy%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22306%22%2C%22wp_alloptions_bytes%22%3A%2262098%22%7D&hit_id=c527775f-eaaa-54f1-bd05-c58ab824962a&ht=perf&tce=1676660845929&tcs=1676660845929&tdc=1676660847790&tdclee=1676660847578&tdcles=1676660847574&tdi=1676660847574&tdl=1676660846109&tdle=1676660845929&tdls=1676660845929&tfs=1676660845929&tns=1676660845298&trqs=1676660845930&tre=1676660846265&trps=1676660846106&tles=1676660847790&tlee=0&nt=navigate&lcp=1717&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:11a::5f65:1739 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1stamericanmutual.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 17 Feb 2023 19:07:27 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://1stamericanmutual.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

POST
H2 200 6 Show response
m.stripe.com/ Frame 4AEA 156 B
552 B 794ms
375ms XHR
application/json 35.80.220.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.220.179 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-220-179.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3178a9b07896af63d12eb2fea5ec4ffe0ec9423a901b174d2ef0139002ec13ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 17 Feb 2023 19:07:28 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1stamericanmutual.com/	1970-01-20 18:29:56	Name: _tccl_visitor Value: 4a269791-c533-52f8-aae0-66d0943872ef
.1stamericanmutual.com/	1970-01-20 09:44:22	Name: _tccl_visit Value: 4a269791-c533-52f8-aae0-66d0943872ef
m.stripe.com/	1970-01-20 19:20:20	Name: m Value: 5fe26a98-a042-4db8-8ae8-e13f7b19315104ab80
.1stamericanmutual.com/	1970-01-20 18:29:56	Name: __stripe_mid Value: 8cbf052a-0b35-415a-8c7a-d70fd6a17f6e4c841e
.1stamericanmutual.com/	1970-01-20 09:44:22	Name: __stripe_sid Value: b0717e05-5896-482d-a596-83f97ec44d7d775999

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1stamericanmutual.com
cdn.poynt.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
i7la06.p3cdn1.secureserver.net
img1.wsimg.com
img6.wsimg.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
www.1stamericanmutual.com
108.138.17.94
108.138.7.100
162.159.136.45
2.23.97.147
2600:9000:223e:3000:19:7d10:bd80:93a1
2a00:1450:400d:806::2003
2a00:1450:400d:80c::200a
2a02:26f0:11a::5f65:1739
35.80.220.179
45.40.153.168
54.187.119.242
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
070e914943207fab6d6e7db6a1efd0c2f60b47afcabd4bc29f6a87f9d9e63d6b
073755b43f55a99987aa9f8d6b99239e8cdc9952fe4f1ef0275850610702a80b
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
19d39ff5dc5ce5a1a86862db60eae3b00770724177c1b123f28003b38f7fc8bb
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
27d2e60115031669a38bb90c91a4f32dd9ef56e6ca251cf29075f2f9e1fde70a
29934ab52db572c893d40563016fedd46dc3da5bb231af5d5b187e7fe66be9d0
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b2901d269e0829f37c124f1d576db9194fb27c601743c842f1dbb0660090d97
2b3f42346f3e78b95f2df7b412c9f68f75dba129bdd1c7efb5b24064a1d0fde5
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
3178a9b07896af63d12eb2fea5ec4ffe0ec9423a901b174d2ef0139002ec13ee
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
483ff33c3674c73af399296211c73db28bf6380c0dc496867d9a0b0e73559968
509be74020caaaf83a87d9b552b8ff49bc79efd821240a94ad4f7c48acefaf1e
56c9922a9f59e574718ff84303941bb406193f0ae339be53027c50e554ae3ed7
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ed853531d5f6c6783cdc5c34a1478213b1779a084014bd4b1b312b83db85f76
6311b70565e6ed451b262270b272d6bc208a840a59127258655f27d936135b33
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
68412b94826b8f9aaa8094e14907ba77260e9e7a9daa9745038972a15685029b
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
794b9e10816a6252aef7eb75ced45cf53dd47eafe1773ab94c141727132460b8
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8a17db44ec5e656a0a27b74532c4105d13af1be688bc9275901638a009574f99
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9e348a28158bf359c0a430a38317a407e417b901a2e492836a8410cfdffc9afd
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d38ebe31a12e6c88de4f40af63dd23841c9879f168a8824aa475029ef59dd1
baa4b49ff6d9d13c3a6457408ace18c4ce06399ab0af5f324dcb8d01d807e3c1
bdaeb64b21a7c95a84c49a72146305e45a21a24643cf1b7280513912c633438d
bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd46d35145dc6c9125b21ceb7256741d7e5771e04b2290947ffc2fcfa1a81452
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03781d6e73a2b65945f7dc0427a3b1934ca8fcd09df3996dcf716f6c2942d3
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

1stamericanmutual.com Open in urlscan Pro 45.40.153.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

97 %HTTPS

36 %IPv6

8 Domains

13 Subdomains

11 IPs

4 Countries

686 kBTransfer

2574 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1stamericanmutual.com Open in urlscan Pro
45.40.153.168 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

97 %
HTTPS

36 %
IPv6

8
Domains

13
Subdomains

11
IPs

4
Countries

686 kB
Transfer

2574 kB
Size

5
Cookies

59 HTTP transactions
0 data transactions