www.rickduranagency.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://segurodeautoennj.com/
Effective URL:
https://www.rickduranagency.com/
Submission: On July 26 via automatic, source certstream-suspicious (July 26th 2024, 10:20:38 pm UTC) — Scanned from DE

Summary HTTP 83 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 83 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.rickduranagency.com.
TLS certificate: Issued by R11 on July 18th 2024. Valid for: 3 months.

This is the only time www.rickduranagency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
34	2a09:8280:1::... 2a09:8280:1::42:4195	40509 (FLY) (FLY)
2	52.205.248.114 52.205.248.114	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.236.171.182 54.236.171.182	14618 (AMAZON-AES) (AMAZON-AES)
2	104.198.70.133 104.198.70.133	15169 (GOOGLE) (GOOGLE)
3	152.195.54.7 152.195.54.7	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:216... 2600:9000:2165:7000:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	18.202.190.66 18.202.190.66	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:5ac::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	54.76.5.246 54.76.5.246	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.105.226 99.80.105.226	16509 (AMAZON-02) (AMAZON-02)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:7628::	15169 (GOOGLE) (GOOGLE)
83	24

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

segurodeautoennj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

insuringjersey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

www.rickduranagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.248.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-248-114.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.171.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-171-182.compute-1.amazonaws.com

invocation.deel-dev.test.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.54.7 (United States)

ASN15133 (EDGECAST, US)

static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2165:7000:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.202.190.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-190-66.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:5ac::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.5.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-5-246.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.105.226 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-105-226.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 658086 peachy.prod.mirus.io — Cisco Umbrella Rank: 691500	687 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 5862	70 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	629 B
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	5 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 124976	3 KB
4	statefarm.com online.statefarm.com Failed smetrics.statefarm.com — Cisco Umbrella Rank: 85192 apps.statefarm.com — Cisco Umbrella Rank: 92779	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	148 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2631 insight.adsrvr.org — Cisco Umbrella Rank: 1486	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	226 KB
3	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 415750 invocation.deel-dev.test.c1.statefarm — Cisco Umbrella Rank: 397553 deel-id-persistence.deel.c1.statefarm Failed	20 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	260 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	22 KB
1	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 19181	5 KB
1	rickduranagency.com www.rickduranagency.com	188 KB
1	insuringjersey.com 1 redirects insuringjersey.com	325 B
1	segurodeautoennj.com 1 redirects segurodeautoennj.com	313 B
83	20

	Domain	Requested by
34	ephemera.mirus.io	www.rickduranagency.com
6	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com
4	ct.pinterest.com	s.pinimg.com
4	tr.snapchat.com	sc-static.net
4	connect.facebook.net	www.rickduranagency.com connect.facebook.net
3	dpm.demdex.net	1 redirects
3	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com nexus.ensighten.com
2	apps.statefarm.com	static1.st8fm.com
2	insight.adsrvr.org	js.adsrvr.org
2	smetrics.statefarm.com	nexus.ensighten.com
2	s.pinimg.com	www.rickduranagency.com s.pinimg.com
2	peachy.prod.mirus.io	www.rickduranagency.com
2	invocation.deel.c1.statefarm	www.rickduranagency.com
1	tr6.snapchat.com	sc-static.net
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	sc-static.net	www.rickduranagency.com
1	js.adsrvr.org	www.googletagmanager.com
1	static1.st8fm.com	invocation.deel.c1.statefarm
1	invocation.deel-dev.test.c1.statefarm	invocation.deel.c1.statefarm
1	www.rickduranagency.com
1	insuringjersey.com	1 redirects
1	segurodeautoennj.com	1 redirects
0	deel-id-persistence.deel.c1.statefarm Failed	nexus.ensighten.com
0	online.statefarm.com Failed	invocation.deel.c1.statefarm
83	28

This site contains links to these domains. Also see Links.

Domain
apps.statefarm.com
proofing.statefarm.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
www.yelp.com
search.google.com
www.statefarm.com
financials.statefarm.com
www.google.com
get-id-card.delitess.c1.statefarm
www.youtube.com
www.rickduran.com
www.twitter.com
trupanion.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
rickduranagency.com R11	`2024-07-18` - `2024-10-16`	3 months	crt.sh
ephemera.mirus.io E5	`2024-07-21` - `2024-10-19`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-05` - `2024-08-03`	3 months	crt.sh
invocation.deel-dev.test.c1.statefarm Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
peachy.prod.mirus.io R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.de WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.rickduranagency.com/
Frame ID: 2B8EEBCA3E9B2FE483B30F68524C0ABD
Requests: 76 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: B74B4821A2C7A39D620FC6552A5B9147
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=abd239dc-c44f-4f7e-bf0e-0a65507669ab&u_sclid=e8e8e9ee-2a6e-4445-b25f-6285d810a64d
Frame ID: CD7BE57FE42F162577F9FD041265511E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fwww.rickduranagency.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 1A285A5B9D8743DA747DA2082CAB6C50
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fwww.rickduranagency.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: 669DF5807F42D2A5C0ED9CF5501A8F20
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9B40632F02C9F2FC1CFC037D7150D3FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NJ Auto & Home Insurance Agent Rick Duran - State Farm®

Page URL History Show full URLs

https://segurodeautoennj.com/ HTTP 301
http://insuringjersey.com/ HTTP 307
https://insuringjersey.com/ HTTP 307
http://insuringjersey.com/ HTTP 301
https://www.rickduranagency.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

83
Requests

93 %
HTTPS

35 %
IPv6

20
Domains

28
Subdomains

24
IPs

4
Countries

1407 kB
Transfer

4149 kB
Size

25
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.statefarm.com/CustomerRegistrationUI/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/562739627232155

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/duranrick

Search URL Search Domain Scan URL

URL: https://twitter.com/RickDuranAgency

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rickduranagency/

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/eJIlx2bO0_0gw9MOVr2nbQ

Search URL Search Domain Scan URL

URL: https://search.google.com/local/writereview?placeid=ChIJM8RhUlDPw4kRwAVJW_UEGwY

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/retrieve-saved-quotes/
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=40.455068%2C-74.395492&query_place_id=ChIJM8RhUlDPw4kRwAVJW_UEGwY
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/safety/the-real-consequences-of-drunk-driving#agentAssociateId=DDP93BJT5GF
Title: The Real Consequences of Drunk Driving

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/college/money-and-college#agentAssociateId=DDP93BJT5GF
Title: Money and college: Mistakes students make with finances

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/family/protect-kids-from-a-furniture-tipover#agentAssociateId=DDP93BJT5GF
Title: Protect kids from a furniture tip over

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/#agentAssociateId=DDP93BJT5GF
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=SdutO_iKakA
Title: Final Boss (:30)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=PL-5pfIstDU
Title: Mahomes and MaAuto (feat. Patrick Mahomes & Travis Kelce)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=KpC7IMftbG8
Title: Sorry (:30)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=PJjuATO1x34
Title: Workout Bundle (feat. Derrick Henry) :30

Search URL Search Domain Scan URL

URL: https://www.rickduran.com/
Title: www.rickduran.com

Search URL Search Domain Scan URL

URL: http://www.facebook.com/rickduranagency
Title: Rick Duran - State Farm Agent Facebook Page

Search URL Search Domain Scan URL

URL: http://www.twitter.com/rickduranagency
Title: Rick Duran - State Farm Agent Twitter Page

Search URL Search Domain Scan URL

URL: http://www.instagram.com/rickduranagency
Title: Rick Duran - State Farm Agent Instagram Page

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://segurodeautoennj.com/ HTTP 301
http://insuringjersey.com/ HTTP 307
https://insuringjersey.com/ HTTP 307
http://insuringjersey.com/ HTTP 301
https://www.rickduranagency.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1722032433388 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1722032433388

Request Chain 65

https://cm.everesttech.net/cm/dd?d_uuid=84829693005891704660126293937030149112 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqQhMQAAAE7iJwO5

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rickduranagency.com/
Redirect Chain

https://segurodeautoennj.com/
http://insuringjersey.com/
https://insuringjersey.com/
http://insuringjersey.com/
https://www.rickduranagency.com/

744 KB
188 KB

984ms
232ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1079dbd178020ea43c59e24e2c4fbf23dbb55bf11565dc5eb2b4904574dd5121

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Fri, 26 Jul 2024 22:20:31 GMT
etag: "81d34fd02dd90e08866f8c80f09ca7c6"
expires: Fri, 26 Jul 2024 22:21:01 GMT
last-modified: Fri, 26 Jul 2024 14:51:45 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:rickduranagency.com/
x-cheesecrd-path: /
x-goog-generation: 1722005505895807
x-goog-hash: crc32c=O4DHEw== md5=gdNP0C3ZDgiGb4yA8Jynxg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 191620
x-guploader-uploadid: AHxI1nNYFIqcrZHpT-bTYUxeIbVWHJLHLen0J9ipF2ieRqOkZPGlefjpLSPIKQ5BPj2oBbkogp0

Redirect headers

Connection: keep-alive
Content-Length: 66
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Jul 2024 22:20:31 GMT
Location: https://www.rickduranagency.com
Server: ip-100-74-5-133.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 8e5c9760-b212-4a33-9741-c8314dc8febf

GET
H2 200 rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png
ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 57 KB
57 KB 237ms
175ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

c4609766690f02221321b9a9fd25863c39c9d30f13ccd8fb222e1fdcccadb4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ391X9DFMT1X4GZRSRAAN-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 57952
expires: Wed, 02 Apr 2025 14:34:02 GMT

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 15 KB
6 KB 364ms
124ms Script
text/javascript 52.205.248.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.248.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-248-114.compute-1.amazonaws.com
Software: /
Resource Hash: 519d2bfc99613720b69d5609eb92515c00524694a35a86669854f4683103425f

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
x-amzn-requestid: 02fb63b6-100a-488f-8ec2-2a8ee1679202
x-amzn-trace-id: Root=1-66a42130-7a7c7a250f0e21ed222d65d2;Parent=5f39fc1bca068574;Sampled=0;lineage=bfbe80d8:0
access-control-allow-methods: OPTIONS,POST,GET
content-type: text/javascript
access-control-allow-origin: *
server-timing: generated;dur=7.404318999964744
x-amz-apigw-id: biofnGjwIAMEiYQ=
content-length: 6206
access-control-allow-headers: Content-Type, Referer

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91b82a28921302098ca869fd8f7bce3182246adc898569cf127c6c21a6e70a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jul 2024 22:20:32 GMT
content-md5: EertOpUzSb6a5F1BXLGw8g==
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: Xk9emboPs/2g+jCWgLiYkOkh4TkaSkYkOL4avMaKqzs2JEv+Ht8oltBv6tdjQB7Hrg95YrIBJkxVvNTbBOwZgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 51a08cf6c3d77cd10e683606242e96b2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "e6ea11b847a3ae140d69f9a625aae0cd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 26 Jul 2024 22:23:46 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 31 KB
32 KB 148ms
91ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-SemiBold.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOmVhv5_nnpDkfl9WneJDy_OUklmQr1i-0bw29tdUt2qqmCgWIzVoSiJyKi2bSWkhWmWX1l7tqkIg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32208
last-modified: Thu, 25 Jul 2024 20:37:34 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ391XBD3RMJQDAN3Q6N4F-fra
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-generation: 1721939854677804
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32208
x-instance: 3287444ec4d918
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 rickduranagency.com-header-e63797f3212a3dc4dc1b4ef47ee5f9a4.png
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 20 KB
21 KB 218ms
177ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-e63797f3212a3dc4dc1b4ef47ee5f9a4.png

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

828e67a96c04903dad31c3c9025a4fe6a3e6ac76cf8ce1bea990759106193a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ391W89WR268FYXHW0WVC-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-e63797f3212a3dc4dc1b4ef47ee5f9a4.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 20792
expires: Thu, 03 Apr 2025 21:50:53 GMT

GET
H2 200 DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg
ephemera.mirus.io/imgr/50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 894 B
1 KB 405ms
364ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

7b5c2d190ee2c0a43faa645c1f67b85a66d77bd4bbee6db640cf580dfb378fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ391XBR4FMBHQ8FDNVX4T-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 894
expires: Fri, 26 Jul 2024 19:35:58 GMT

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 31 KB
32 KB 161ms
123ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-Medium.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nONV_ruCAAG8KL1GbXX4P7cj7qRZceY3JqDKVYxbXTMgDoeGdrR0TJBato1csXrlZ5PpENEKwI6PA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32200
last-modified: Thu, 25 Jul 2024 20:37:34 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ391XGBB7R4JNV2B0HE82-fra
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-goog-generation: 1721939854173153
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32200
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:15 GMT

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 31 KB
32 KB 129ms
90ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
age: 43
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-Regular.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOrhk0uLYY31MA9VqHO8NU0hEtzmVWOCelkkUu-4qAW-nku9ljDh6du45j88yGDAW2djV3CQaCpwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31948
last-modified: Thu, 25 Jul 2024 20:37:34 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ391XBKB32BNPNH7BT04C-fra
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-generation: 1721939854436742
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 31948
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=78c9adbc37d236b8b684eff7e176510b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa1cf008cd95cd1a67295b8f5691b52896a5ce4343d4098ce915463a8876ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jul 2024 22:20:32 GMT
content-md5: gvXeQxP0/P9c37XsJ0LKdw==
document-policy: force-load-at-top
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89085
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-ua-compatible: IE=edge
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=20, mss=1328, tbw=6615, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: mUgOMSTxu5jXS+lJM/gbIEGkBBqD1Jaws/hAgb3eaChbuyfcUK6F7rAauUEfE3MmXfK1D/miw8398oLG30datw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 542a8de158e13d45abe63352cc7f48f5
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6ff90e6df7538309dc476458fc1a2056"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 26 Jul 2025 21:37:12 GMT

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 31 KB
31 KB 90ms
89ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
age: 43
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSans-Bold.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOg_Hej1CnCmES8KDlUUVUSrgjO_FoofxACGBPJM3JJRSsDyRiQgm8dZ9UXONkIvI2UvfQNGSIP2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31812
last-modified: Thu, 25 Jul 2024 20:37:33 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ395CZRX1SDMXWBAX4PEM-fra
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-generation: 1721939853910818
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 31812
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 MecherleSlab-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 33 KB
33 KB 121ms
121ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSlab-Regular.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: c96463100e774599fbb9784785ca4e09f5ae7fa77c12d234cb972f1465d0b0e2

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleSlab-Regular.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nONp2ykwG0aI7sQVbikB0IpUpfBNKMauesgpBoA-qbozo2AJ6tzjXPVLjOWBvSJ4X1VgEbQhIW-PQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33916
last-modified: Thu, 25 Jul 2024 20:37:34 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ395CBAWXPJQ46N5X98FV-fra
etag: "5e7303e29d6b93b208e9f409c7ed7045"
x-goog-generation: 1721939854954086
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=R7hKEQ==, md5=XnMD4p1rk7II6fQJx+1wRQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 33916
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:47:37 GMT

GET
H2 200 rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 3 KB
4 KB 97ms
97ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

62bd9b8c4c176f57732dbe5e7644be627c73b3f16062e889e1cf03f316f12001

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ3985QYCWVE5M49VA7E5D-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 3472
expires: Thu, 03 Apr 2025 05:33:03 GMT

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/ 10 KB
10 KB 158ms
158ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ398AXQ7K1WST8C821BWQ-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 9952
expires: Sat, 27 Jul 2024 01:58:38 GMT

GET
H2 200 money-and-college.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 3 KB
3 KB 91ms
90ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/money-and-college.jpg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

cb00956b56b680d25c9ecb6cd3663f5869bf6f01bd742224b05b1f53a92a2e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ398EFSAXAQBT4MXA806J-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/money-and-college.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 3278
expires: Sat, 27 Jul 2024 00:26:37 GMT

GET
H2 200 507-protect-kids-from-a-furniture-tipover-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 19 KB
20 KB 98ms
97ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/507-protect-kids-from-a-furniture-tipover-wide.jpg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

84ddf3237bdf50ff40de4250aa4979f04ad7740a60c31acad3bf39d73b3bf09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ398EEAX9C2SRTGSNEZ46-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/507-protect-kids-from-a-furniture-tipover-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 19900
expires: Sat, 27 Jul 2024 00:27:01 GMT

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 3 KB
2 KB 167ms
167ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/alpineFileInput.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
via: 2 fly.io
age: 17
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/alpineFileInput.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nNqKGaxrMp6aTDnWVzRVo2BehsaP9-Ho3K3vOzFJ7FqrHbBfKMeIFyQc7PS3gXaoLbRb1f-QbZHBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1421
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ398SGHV5VKZQ9Y12N9Z1-fra
etag: "469709b06cd36df653f77e5f7715c363"
vary: Accept-Encoding
x-goog-generation: 1721939862672245
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=1UwfBQ==, md5=RpcJsGzTbfZT935fdxXDYw==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 1421
x-instance: 3287444ec4d918
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:47:36 GMT

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 15 KB
6 KB 182ms
103ms Script
text/javascript 52.205.248.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.248.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-248-114.compute-1.amazonaws.com
Software: /
Resource Hash: 519d2bfc99613720b69d5609eb92515c00524694a35a86669854f4683103425f

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
x-amzn-requestid: 023f2314-d665-49bb-af6e-2e898c07587f
x-amzn-trace-id: Root=1-66a42130-039f568c75c7dd620fbb68cb
access-control-allow-methods: OPTIONS,POST,GET
content-type: text/javascript
access-control-allow-origin: *
server-timing: generated;dur=7.404318999964744
x-amz-apigw-id: biofoFMMIAMEtEQ=
content-length: 6206
access-control-allow-headers: Content-Type, Referer

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
0 1ms
1ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91b82a28921302098ca869fd8f7bce3182246adc898569cf127c6c21a6e70a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EertOpUzSb6a5F1BXLGw8g==
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: Xk9emboPs/2g+jCWgLiYkOkh4TkaSkYkOL4avMaKqzs2JEv+Ht8oltBv6tdjQB7Hrg95YrIBJkxVvNTbBOwZgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 51a08cf6c3d77cd10e683606242e96b2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "e6ea11b847a3ae140d69f9a625aae0cd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 26 Jul 2024 22:23:46 GMT

GET
H2 200 rickduranagency.com-header-e63797f3212a3dc4dc1b4ef47ee5f9a4.png
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 20 KB
0 2ms
2ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-e63797f3212a3dc4dc1b4ef47ee5f9a4.png
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 828e67a96c04903dad31c3c9025a4fe6a3e6ac76cf8ce1bea990759106193a53

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
fly-request-id: 01J3RJ391W89WR268FYXHW0WVC-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-e63797f3212a3dc4dc1b4ef47ee5f9a4.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 20792
expires: Thu, 03 Apr 2025 21:50:53 GMT

GET
H2 200 DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg
ephemera.mirus.io/imgr/50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 894 B
0 140ms
140ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/imgr/50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 7b5c2d190ee2c0a43faa645c1f67b85a66d77bd4bbee6db640cf580dfb378fd8

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
fly-request-id: 01J3RJ391XBR4FMBHQ8FDNVX4T-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 894
expires: Fri, 26 Jul 2024 19:35:58 GMT

GET
H2 200 rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 3 KB
0 74ms
74ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 62bd9b8c4c176f57732dbe5e7644be627c73b3f16062e889e1cf03f316f12001

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
fly-request-id: 01J3RJ3985QYCWVE5M49VA7E5D-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 3472
expires: Thu, 03 Apr 2025 05:33:03 GMT

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/ 10 KB
0 139ms
139ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
fly-request-id: 01J3RJ398AXQ7K1WST8C821BWQ-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 9952
expires: Sat, 27 Jul 2024 01:58:38 GMT

GET
H2 200 money-and-college.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 3 KB
0 76ms
76ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/money-and-college.jpg
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: cb00956b56b680d25c9ecb6cd3663f5869bf6f01bd742224b05b1f53a92a2e62

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
fly-request-id: 01J3RJ398EFSAXAQBT4MXA806J-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/money-and-college.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 3278
expires: Sat, 27 Jul 2024 00:26:37 GMT

GET
H2 200 507-protect-kids-from-a-furniture-tipover-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 19 KB
0 83ms
83ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/507-protect-kids-from-a-furniture-tipover-wide.jpg
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 84ddf3237bdf50ff40de4250aa4979f04ad7740a60c31acad3bf39d73b3bf09c

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
fly-request-id: 01J3RJ398EEAX9C2SRTGSNEZ46-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/507-protect-kids-from-a-furniture-tipover-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 19900
expires: Sat, 27 Jul 2024 00:27:01 GMT

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 57 KB
21 KB 134ms
132ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/alpine.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
via: 2 fly.io
age: 60
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/alpine.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nPdkxit7u2LAK9Ax1E3oZKw46pFb2yijLMbLy93Cowq3HV-fONpirFPpn3KFU0H1socvCLDsV_-EQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20468
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ39900S3NDEEB1S6JBQEE-fra
etag: "325cb81db127575cff63b2c1e7498924"
vary: Accept-Encoding
x-goog-generation: 1721939862546923
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=LzHgoA==, md5=Mly4HbEnV1z/Y7LB50mJJA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20468
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 8 KB
4 KB 171ms
169ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/lazysizes.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
via: 2 fly.io
age: 53
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/lazysizes.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOCBR1oxo6XW3wg1wp2nGCIUZLCxzNcTtsfXc74hYyt2S2Mhqbah43E_SXSMECMu5IRxaWqCWX-pQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3734
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ3990YS74AVRFNCE8X2S6-fra
etag: "2fb010765186417da12346886fba3121"
vary: Accept-Encoding
x-goog-generation: 1721939862732410
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=tVVvrw==, md5=L7AQdlGGQX2hI0aIb7oxIQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 3734
x-instance: 3287444ec4d918
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 471 B
657 B 167ms
165ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/scrollToElement.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
via: 2 fly.io
age: 53
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/scrollToElement.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nO96nZqUBRatL1hk2DFFCGgxI-g_pZtUAGBIH1xBnD6zRV0eDR7UBuEwCymihiFrI6tLjQF5LkzNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ3990GWQAW9W4PKJFD5BB-fra
etag: "927818f6cd4025e3656bc64ae6878d1a"
vary: Accept-Encoding
x-goog-generation: 1721939862795977
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=RSR0kQ==, md5=kngY9s1AJeNla8ZK5oeNGg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 305
x-instance: 3287444ec4d918
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 3 KB
2 KB 167ms
165ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/utils.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
via: 2 fly.io
age: 130
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/utils.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOdEPjxW-d1_xbb1MhfrIkUa6El9Yz2PFhCpz2YYjMDzhqQzuKGRrzWYFpYK2TdunPzz78V4Wp2tQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1392
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ3990QFCMCX74XZ4H04KG-fra
etag: "af8943f8f7980b8b5d0fb4d5354419d0"
vary: Accept-Encoding
x-goog-generation: 1721939862932165
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=4ONwJg==, md5=r4lD+PeYC4tdD7TVNUQZ0A==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 1392
x-instance: 3287444ec4d918
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:53 GMT

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 122 B
493 B 171ms
169ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/svgIcon.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
via: 2 fly.io
age: 98
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/svgIcon.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nMu9SJWgZDqZYuNVGFIbJj0q67JEucPdABr2MaYO70wHfGGr2WdDI34QyCwpR3fahDl8OQEXns94A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ39904610H515Q953A7AB-fra
etag: "9c19d54efaecc0a7511f297f8974b2fd"
vary: Accept-Encoding
x-goog-generation: 1721939862865688
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=eftfvQ==, md5=nBnVTvrswKdRHyl/iXSy/Q==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 134
x-instance: 3287444ec4d918
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:15 GMT

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/ 112 KB
45 KB 144ms
143ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/alpineContactForm.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 8d31eee3622049373651e31e58202a0fa7a857dce860febf626192e88e9b8d29

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: zstd
via: 2 fly.io
age: 22
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/js/alpineContactForm.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOS6-WMGQUGFyrH-dereO-6nkyezPPEVJQtOiLfiwfyph09Bor4a_cm16X-G3ZpThPKqXQdqlI2nQ
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 25 Jul 2024 20:37:42 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ3990YG1NPW5MENKPFPE7-fra
etag: W/"6adf4ca94f8fccd89f5639eb5c3051b9"
vary: Accept-Encoding
x-goog-generation: 1721939862611282
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=MRnIbA==, md5=at9MqU+PzNifVjnrXDBRuQ==
cache-control: public,max-age=31536000,immutable
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 40209
x-instance: 080eee0c157798
expires: Fri, 25 Jul 2025 20:47:59 GMT

GET
H2 200 deel.js Show response
invocation.deel-dev.test.c1.statefarm/ 15 KB
7 KB 394ms
166ms Fetch
text/javascript 54.236.171.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel-dev.test.c1.statefarm/deel.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.236.171.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-171-182.compute-1.amazonaws.com
Software: /
Resource Hash: f5f347e044f2914001599a0899039d5e54460e4ddbaa8446c7957a7c707c71e5

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
content-encoding: gzip
x-amzn-requestid: ba16e7a4-763d-4276-8ba3-14051ea001e4
x-amzn-trace-id: Root=1-66a42130-46f36e2264e4b26f5648c66e;Parent=371098a2deee2378;Sampled=0;lineage=7bf80715:0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
content-type: text/javascript
access-control-allow-origin: *
server-timing: generated;dur=21.98255200003041
x-amz-apigw-id: biofqHBcoAMEbvw=
content-length: 6635
access-control-allow-headers: Content-Type, Referer

GET trafficdetection.aspx
online.statefarm.com/ddc/ 0
0

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 32 KB
33 KB 89ms
89ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
age: 82
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleLegal-Medium.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nO7KW29AMz7REWaE9T1ghrLvIdYyqJ9Z1eOVu04ijo3ouSpCii-BK21YkDhkHd0Dyo7SbHqXBLn1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32960
last-modified: Thu, 25 Jul 2024 20:37:33 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ39EXVYJ7V4RX9M6RP3S0-fra
etag: "5c321170479a815ab790c771bcc8f1d3"
x-goog-generation: 1721939853407131
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32960
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:15 GMT

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/ 32 KB
32 KB 110ms
110ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer: https://www.rickduranagency.com/
Origin: https://www.rickduranagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/fonts/sf/MecherleLegal-Regular.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOQ26cnmGx6J4y4mopMOiWK4n4z514xWKrXFfP7olaXiQrjm8KhlKJ-qHenYc0SkxfRxm4miYKmmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32844
last-modified: Thu, 25 Jul 2024 20:37:33 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ39EX9FDNJAN6C5WEFSRW-fra
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-generation: 1721939853665267
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32844
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:54 GMT

GET
H2 200 rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png
ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 115 KB
115 KB 94ms
94ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

0ddfd3df9658f72f814af1cdc421cc55d75314d494de48437bd6f741d8d3dc7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ39HMB49HXZ74Z3SWCMBY-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 1920x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 117938
expires: Thu, 22 May 2025 21:50:17 GMT

GET
H2 200 DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg
ephemera.mirus.io/imgr/250x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 5 KB
5 KB 91ms
91ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

5317565bf76f9ed3f12f7d365b3f5f06da4392bc9ed03e4cd5d44687f3c8021f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ39HMYMP9NCVS71AA4ZVZ-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 250x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/DDP93BJT5GF_agent_avatar_20230124212739Z_rickduranagency_com_oqziphoqro.jpeg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 4748
expires: Fri, 26 Jul 2024 15:47:08 GMT

GET
H2 200 rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png
ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/ 70 KB
70 KB 103ms
102ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

e20333478d98e46ade776bb59910f232194f58960f1791aa321d2376b7b73f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ39Q5PH42XKT0AW7Y04K0-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-sidebar-md-2decca76d73c6cb1f147c2c1af7962d2.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 71634
expires: Fri, 04 Apr 2025 22:55:17 GMT

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/500x0/https://static1.st8fm.com/en_US/img/si/750/ 19 KB
19 KB 101ms
101ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

da8d46b17fa3662d15b0cd41da8c4952c321723e47662336bf629db3a951699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ39Q5CEG54SAT0F3EZE2X-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 500x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 080eee0c157798
x-region: ewr
content-disposition: inline
content-length: 19486
expires: Sat, 27 Jul 2024 01:59:40 GMT

GET
H2 200 money-and-college.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 24 KB
24 KB 100ms
100ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/money-and-college.jpg

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

8e72c026ed5abba429a9e1d32f8947fbd1064a5d81b9c9460bb7516ed754c192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ39Q5CQ9CJ1JH2E8YJ2FH-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/money-and-college.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 24202
expires: Fri, 26 Jul 2024 23:52:29 GMT

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 388ms
123ms Preflight 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://www.rickduranagency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://www.rickduranagency.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 66 B
317 B 122ms
121ms Fetch
application/json 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

9ed4d45b3b3ec867a4d90438f985008eb7a860bd20e059a324f0e1dcb42bad98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
keen-sdk: javascript-5.0.1
Authorization: WK
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rickduranagency.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 66

GET
H2 200 favicon.webp
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/img/ 6 KB
6 KB 90ms
90ms Other
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/img/favicon.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/de12f7b92 (2024-07-24) /
Resource Hash: 41131d6396fe2757796d08a8c01d334657c900012c31c268e153f1ed9f2779c9

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/86c092296a624b0a27f6a50ff8bd4e28e0aa3e51/img/favicon.webp
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOHLduSO7pDY9t_gwTbYVxrCQLZ1a8iFH6tSRwkmLZuhy_i4rgawNFQoD6MsJjW2Mav_U_vzx21_g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5902
last-modified: Thu, 25 Jul 2024 20:37:35 GMT
server: Fly/de12f7b92 (2024-07-24)
fly-request-id: 01J3RJ39VRZ52Z516H5BJ5C065-fra
etag: "be0fc51bcc205aaf5fde76c2954de4ae"
x-goog-generation: 1721939855176130
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5NQfJQ==, md5=vg/FG8wgWq9f3nbClU3krg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 5902
x-instance: 080eee0c157798
accept-ranges: bytes
expires: Fri, 25 Jul 2025 20:46:54 GMT

GET
H2 200 sfuid.js Show response
static1.st8fm.com/en_US/applications/dasenblt_static_content/ 21 KB
5 KB 586ms
99ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcd/7D64) /

Resource Hash

acfab1e3846f4c81d1b41376854f82dcfbf36ac7becd0ea4ac4a623ba5149d0d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2024 16:00:01 GMT
server: ECD (dcd/7D64)
age: 981
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 5207
expires: Sat, 27 Jul 2024 02:20:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 609 KB
119 KB 80ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8770d514d96c1889da9b7178c0474ae1181acb61b7bb27351e0345fb404bdb3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120927
x-xss-protection: 0
last-modified: Fri, 26 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Jul 2024 22:20:33 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
29 KB 102ms
18ms Script
application/javascript 2600:9000:2165:7000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:7000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bb31b4604b2797a1f4def3f616b57c2bf247d710e8bea1c4f37defebf496d45c

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:28:56 GMT
x-amz-version-id: mV_CSuXcsCxXMuW.SQKGEhDygsBgwKyl
content-encoding: br
via: 1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P6
age: 93098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 Jul 2024 20:28:10 GMT
server: CloudFront
etag: W/"afe4906686d181a5ab5837aeb313ed3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: qb6obMHUgQjVJP4lDgYJRYMug-kTWKKRDQwv9bipEngE4JN-7reGnw==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1722032433388
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1722032433388

1 KB
1 KB

47ms
42ms

XHR
application/json

18.202.190.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1722032433388

Protocol

Server

18.202.190.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-190-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

314c1bbdebb5556d7a98a2c756063f488ce0ec78ee6041e03396b0ad9c1713d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v063-0617d9509.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: Pp83Y2BjRNU=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.rickduranagency.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 618
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v063-0af13309f.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: vVnmDiJ3T0I=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1722032433388
access-control-allow-origin: https://www.rickduranagency.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 520 B
851 B 36ms
35ms Script
text/javascript 2600:9000:2165:7000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Jul%2025%2020:28:07%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fwww.rickduranagency.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:7000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ad22bc0a8673d50a895d123e6ca9f24af5e42647d25e60209de22dac73a0a7d6

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
via: 1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P6
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 520
x-amz-cf-id: xQwMR2dJ6ObqA5Ews9ML__40OlMH2CqRck2ByIsuzpf1Rim3zIXG5w==
expires: Fri, 26 Jul 2024 22:20:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 346 KB
108 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a31de0ca98d7e27a24bcd3ddb3ec95acb8f5606322ceb37706a4e88d3f577c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 22:20:33 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
57 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jul 2024 22:20:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4318, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: p6P50XN6HXNHP7RrIlJe39iTsk/TCwOR3I76quRicqvhk9NXUgYgPukICd4d/ffGDj3plVoe7LYQFIEdOlsGTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 54ms
5ms Script
application/javascript 2a02:26f0:480:5ac::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:5ac::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62a16567a3d56a4149035792551d5ebf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1882

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 72ms
16ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 26 Jul 2024 05:01:33 GMT
Content-Encoding: gzip
Via: 1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 62341
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: UkZJbSPmyl9-jntVgolOQsJn79eCWZweaTs4EiFglT3UUneJ0hUDSA==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 50 KB
22 KB 72ms
26ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.rickduranagency.com
URL: https://www.rickduranagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 66e9a0c6eb4a4df18c3c89be6e3395142d840f23915ddd79f3d4b8f460effea2

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
content-encoding: gzip
via: 1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21527
x-amz-cf-id: 0iD1dbMDGOdPUYIXfnXr8HzZ069_7g9Q6rSN-kocmVcvm16FZQQkVA==

GET
H3 200 3eec2c83b75e8d1ab932fd84411b16ed.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 141 KB
37 KB 16ms
16ms Script
application/javascript 2600:9000:2165:7000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/3eec2c83b75e8d1ab932fd84411b16ed.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2165:7000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 8d8d24e8665fb471ec28acf679df75b8ca7ba6ba56814eff606ee4024da4e46a

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:28:25 GMT
x-amz-version-id: ROPeHkezthVbbHwPWYS55gtCHYRIJtcN
content-encoding: br
via: 1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
age: 93129
x-amz-cf-pop: MUC50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 Jul 2024 20:28:10 GMT
server: CloudFront
etag: W/"a1adfc44aa078e6a203052280728046d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: tMtWUTD6_6uxc8xG313H1F8ZU5gQpG8vRZWosXJw9OOWgenubftqBg==

GET
H3 200 67e23f433c17c19ee01d907cd9f5bbae.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 16ms
16ms Script
application/javascript 2600:9000:2165:7000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/67e23f433c17c19ee01d907cd9f5bbae.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2165:7000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c53912688feb1f3487f73bedf6110ca486394a5012141f2ccc7f871f17ff9246

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:35:32 GMT
x-amz-version-id: _GRp10PN.qGLDj6wgu3HZ3Sbxuc7rHKv
content-encoding: br
via: 1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
age: 175502
x-amz-cf-pop: MUC50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 Jul 2024 21:35:16 GMT
server: CloudFront
etag: W/"fc44bcccd35e68636e701278b1c7673e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: FLkD7D6z8KFJEZ_-k1yUe1QMxc2QN1rMSt_pgw90SXfz7TM-zcn_fQ==

GET
H3 200 5095319549dab6d1e412488ef6a86c6c.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 17ms
16ms Script
application/javascript 2600:9000:2165:7000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/5095319549dab6d1e412488ef6a86c6c.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2165:7000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a4e2cdcf1c7c7508b6c1528abedaa45ba48741664ccbc9c25a5320f6b3d7f7ea

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:35:32 GMT
x-amz-version-id: GYXD4Hri8sF0JPsC9L9P4lZnCpMU0fYa
content-encoding: br
via: 1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
age: 175502
x-amz-cf-pop: MUC50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 Jul 2024 21:35:16 GMT
server: CloudFront
etag: W/"d1871264a7ca42a924a577eb3d8ad161"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: GEwrerGEFad4KNM0sCCLcuBUUREEgfki9byonIZSSNTbrzI4ggrz0g==

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET dataLayer_logic.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H3 204 e.gif
nexus.ensighten.com/error/ 0
217 B 17ms
17ms Image
text/plain 2600:9000:2165:7000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F3eec2c83b75e8d1ab932fd84411b16ed.js%3FconditionId0%3D423109%3A246%3A554)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=4059465&did=710940&errorName=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2165:7000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 01:47:22 GMT
via: 1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
server: CloudFront
age: 73991
x-amz-cf-pop: MUC50-P6
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KjU3s0TaivKR-6-CiOoBo_c9im6edy2eLbjgH1zCrcHTB8kIiTXIrA==

GET 1673276772914128
connect.facebook.net/signals/config/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 54ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je47o0v9178161793z8849799669za200zb849799669&_p=1722032432492&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=220297400.1722032434&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722032433&sct=1&seg=0&dl=https%3A%2F%2Fwww.rickduranagency.com%2F&dt=NJ%20Auto%20%26%20Home%20Insurance%20Agent%20Rick%20Duran%20-%20State%20Farm%C2%AE&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5712
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rickduranagency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 57ms
20ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3WRNTYXP84&cid=220297400.1722032434&gtm=45je47o0v9178161793z8849799669za200zb849799669&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rickduranagency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3WRNTYXP84&cid=220297400.1722032434&gtm=45je47o0v9178161793z8849799669za200zb849799669&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=1967982608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.15f60036.js Show response
s.pinimg.com/ct/lib/ 80 KB
23 KB 9ms
8ms Script
application/javascript 2a02:26f0:480:5ac::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:5ac::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "8de095625367fc80faddb31d1c4af0e3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 23297

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame B74B 0
0 113ms
33ms Document
text/html 54.76.5.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.76.5.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-5-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 26 Jul 2024 22:20:33 GMT
dcs: dcs-prod-irl1-1-v063-0bfaafc67.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 18 Jul 2024 09:26:38 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 8ScqCZkIToo=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
471 B 222ms
20ms XHR
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=91077412502375313900728477449583228964&ts=1722032433662

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

44213643420d93db69e7df3dce7e2b755f57595de654efdbc3041b5b8e7b74e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.rickduranagency.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZqQhMQAAAE7iJwO5
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=84829693005891704660126293937030149112
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqQhMQAAAE7iJwO5

42 B
715 B

37ms
37ms

Image
image/gif

18.202.190.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqQhMQAAAE7iJwO5

Protocol

Server

18.202.190.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-190-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v063-019585cb5.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: +RibV1uhSGE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqQhMQAAAE7iJwO5
Date: Fri, 26 Jul 2024 22:20:33 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.json Show response
tr.snapchat.com/config/com/ 117 B
407 B 174ms
114ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.json?v=3.23.1-2407232353

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://www.rickduranagency.com
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117

GET
H2 200 i
tr.snapchat.com/cm/ Frame CD7B 0
0 78ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=abd239dc-c44f-4f7e-bf0e-0a65507669ab&u_sclid=e8e8e9ee-2a6e-4445-b25f-6285d810a64d

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 26 Jul 2024 22:20:33 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame 1A28 0
0 119ms
37ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fwww.rickduranagency.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.rickduranagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 26 Jul 2024 22:20:33 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame 669D 0
0 119ms
37ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fwww.rickduranagency.com%2F&upid=9nilek2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.rickduranagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 26 Jul 2024 22:20:33 GMT
server: Kestrel

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
372 B 77ms
40ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1722032433674&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3519848110268773
content-length: 185
pin-unauth: dWlkPVlqWTJaVFV4TWpJdE5UVXlPQzAwWVRVekxXSXdPV0l0TldSbVltRTNOMkkzTnpVeQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rickduranagency.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 24566c1eacfd475e71889db2e24a77832ef4e778
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
448 B 75ms
41ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.rickduranagency.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215f60036%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1722032433677
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.rickduranagency.com
pinterest-version: 24566c1eacfd475e71889db2e24a77832ef4e778
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1467600120265137
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 20ms
18ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
x-cdn: fastly
age: 755
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame 9B40 0
0 120ms
71ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.rickduranagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.d6d5ce17.1722032433.6a116bd
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 26 Jul 2024 22:20:33 GMT
pinterest-version: 24566c1eacfd475e71889db2e24a77832ef4e778
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1828738517451788

GET
H2 200 enterprisesfuid Show response
apps.statefarm.com/sfuidservice/ 50 B
670 B 241ms
240ms XHR
application/json 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

0e8b354887dfc6097ed55e6483c5d81208c12d1b3674ba55fb8b3e5b81046781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 22:20:34 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: ECD (dac/9B85)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rickduranagency.com
x-vcap-request-id: ac6f19c0-3025-4175-796f-f6e1e3087657
cache-control: no-store
access-control-allow-credentials: true
x-frame-options: DENY
content-length: 50
x-xss-protection: 1; mode=block

OPTIONS
H2 200 enterprisesfuid
apps.statefarm.com/sfuidservice/ Frame 0
0 460ms
292ms Preflight 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dac/9B85) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.rickduranagency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.rickduranagency.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 26 Jul 2024 22:20:34 GMT
expires: 0
pragma: no-cache
server: ECD (dac/9B85)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-vcap-request-id: 6e471067-90bd-46dc-5fc0-1e5b828cc780
x-xss-protection: 1; mode=block

POST
H3 200 p
tr.snapchat.com/ 0
15 B 35ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.rickduranagency.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 s72674108247986
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
324 B 22ms
20ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s72674108247986?AQB=1&ndh=1&pf=1&t=27%2F6%2F2024%200%3A20%3A33%206%20-120&D=..&mid=91077412502375313900728477449583228964&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3Addp93bjt5gf&g=https%3A%2F%2Fwww.rickduranagency.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=www.rickduranagency.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-m%3Addp93bjt5gf&h1=home%7Cagent-micro-m%7Cddp93bjt5gf&c4=sf%3Aagent-micro-m%3Addp93bjt5gf&v6=www.rickduranagency.com&v8=302abd&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fwww.rickduranagency.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=friday%7C5%3A00pm&v50=7%2F26%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F126.0.0.0%20safari%2F537.36&c70=en&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 27 Jul 2024 22:20:33 GMT
server: jag
etag: 3698036492917014528-4618649415619255210
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25 Jul 2024 22:20:33 GMT

GET
H2 200 507-protect-kids-from-a-furniture-tipover-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 33 KB
33 KB 89ms
89ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/507-protect-kids-from-a-furniture-tipover-wide.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/de12f7b92 (2024-07-24) /

Resource Hash

69d296634f22afab3cf7246b67c83b091e6f734930b7d45ad24389c7c2bd8863

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J3RJ3AWEGF66QWRFRMNKSHHW-fra
server: Fly/de12f7b92 (2024-07-24)
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/507-protect-kids-from-a-furniture-tipover-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 3287444ec4d918
x-region: ewr
content-disposition: inline
content-length: 33462
expires: Sat, 27 Jul 2024 00:27:22 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 46ms
17ms Ping
text/plain 2600:1901:0:7628::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Jul 2024 22:20:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 20ms
17ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Jul 2024 22:20:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.rickduranagency.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 609 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8770d514d96c1889da9b7178c0474ae1181acb61b7bb27351e0345fb404bdb3e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.rickduranagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 22:20:33 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 120927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 22:20:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.statefarm.com
URL: https://online.statefarm.com/ddc/trafficdetection.aspx

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1673276772914128?v=2.9.162&r=stable&domain=www.rickduranagency.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 22:21:58	Name: X-AB Value: 133c92fa2ed948cd92209e9ebfea4f59
www.rickduranagency.com/	1970-01-20 22:21:58	Name: __cheesecrd_version Value: master
.rickduranagency.com/	1970-01-21 00:30:08	Name: _gcl_au Value: 1.1.1580860748.1722032433
.rickduranagency.com/	1970-01-20 22:20:34	Name: s_gad Value: 1
.demdex.net/	1970-01-21 02:39:44	Name: demdex Value: 84829693005891704660126293937030149112
.rickduranagency.com/	1970-01-21 07:56:32	Name: _ga_3WRNTYXP84 Value: GS1.1.1722032433.1.0.1722032433.60.0.0
.rickduranagency.com/	1970-01-21 07:56:32	Name: _ga Value: GA1.1.220297400.1722032434
.rickduranagency.com/	1970-01-21 07:50:19	Name: _scid Value: 66fd0b37-8a61-49a6-956b-f015a5c8fe9a
.rickduranagency.com/	1970-01-21 07:50:19	Name: _scid_r Value: 66fd0b37-8a61-49a6-956b-f015a5c8fe9a
.rickduranagency.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.pinterest.com/	1970-01-21 07:06:08	Name: ar_debug Value: 1
.rickduranagency.com/	1970-01-21 07:06:08	Name: _pin_unauth Value: dWlkPVlqWTJaVFV4TWpJdE5UVXlPQzAwWVRVekxXSXdPV0l0TldSbVltRTNOMkkzTnpVeQ
.rickduranagency.com/	1970-01-20 22:30:37	Name: _ScCbts Value: %5B%5D
.dpm.demdex.net/	1970-01-21 02:39:44	Name: dpm Value: 84829693005891704660126293937030149112
.doubleclick.net/	1970-01-21 07:42:08	Name: IDE Value: AHWqTUmOocwOJdYIJ2R9G9eEgHGtlCgK86XwZ0tfvgUD5XTd02Ixyy0LGYcAXbX-1iI
.statefarm.com/	1970-01-21 07:56:32	Name: s_ecid Value: MCMID%7C91077412502375313900728477449583228964
.rickduranagency.com/	1970-01-21 07:56:32	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19931%7CMCMID%7C91077412502375313900728477449583228964%7CMCAAMLH-1722637233%7C6%7CMCAAMB-1722637233%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1722039633s%7CNONE%7CMCSYNCSOP%7C411-19938%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.rickduranagency.com/	1970-01-20 22:20:34	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m%3ADDP93BJT5GF
.rickduranagency.com/	1970-01-20 22:20:34	Name: s_pre_v6 Value: www.rickduranagency.com
.rickduranagency.com/	1970-01-20 22:20:34	Name: s_dl Value: 1
.rickduranagency.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.rickduranagency.com/	1970-01-21 07:56:32	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271722032433889%27%5D%5D
.rickduranagency.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fwww.rickduranagency.com%2F%7Caowsv%3D302ABD%7CentryProperty%3Dhttps%3A%2F%2Fwww.rickduranagency.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-m%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3DDDP93BJT5GF%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-m%3ADDP93BJT5GF%7Cmc%3Ddirect%20load%7C
.rickduranagency.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-21 02:39:44	Name: dextp Value: 771-1-1722032433803\|903-1-1722032433910\|30646-1-1722032434010\|66757-1-1722032434111

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.rickduranagency.com/ Message: Access to fetch at 'https://online.statefarm.com/ddc/trafficdetection.aspx' from origin 'https://www.rickduranagency.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.rickduranagency.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js' from origin 'https://www.rickduranagency.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.rickduranagency.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://www.rickduranagency.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://www.rickduranagency.com/ Message: The resource https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/ri/rickduranagency.com/rickduranagency.com-header-68f012af2512a0e09d3fccd28d117ee1.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.statefarm.com
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
insight.adsrvr.org
insuringjersey.com
invocation.deel-dev.test.c1.statefarm
invocation.deel.c1.statefarm
js.adsrvr.org
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
region1.analytics.google.com
s.pinimg.com
sc-static.net
segurodeautoennj.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
www.google.de
www.googletagmanager.com
www.rickduranagency.com
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
online.statefarm.com
104.198.70.133
108.138.40.116
151.101.192.84
152.195.54.7
18.202.190.66
2001:4860:4802:32::36
23.206.208.183
2600:1901:0:7628::
2600:9000:2165:7000:2:8f43:5780:93a1
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9a
2a02:26f0:480:5ac::1931
2a03:2880:f083:9:face:b00c:0:3
2a09:8280:1::42:4195
3.163.248.4
3.33.152.147
3.33.251.168
34.69.219.172
35.190.43.134
35.71.131.137
52.205.248.114
54.236.171.182
54.76.5.246
63.140.62.17
99.80.105.226
0ddfd3df9658f72f814af1cdc421cc55d75314d494de48437bd6f741d8d3dc7d
0e8b354887dfc6097ed55e6483c5d81208c12d1b3674ba55fb8b3e5b81046781
1079dbd178020ea43c59e24e2c4fbf23dbb55bf11565dc5eb2b4904574dd5121
21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc
314c1bbdebb5556d7a98a2c756063f488ce0ec78ee6041e03396b0ad9c1713d1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
41131d6396fe2757796d08a8c01d334657c900012c31c268e153f1ed9f2779c9
44213643420d93db69e7df3dce7e2b755f57595de654efdbc3041b5b8e7b74e6
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
519d2bfc99613720b69d5609eb92515c00524694a35a86669854f4683103425f
5317565bf76f9ed3f12f7d365b3f5f06da4392bc9ed03e4cd5d44687f3c8021f
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
62bd9b8c4c176f57732dbe5e7644be627c73b3f16062e889e1cf03f316f12001
64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5
66e9a0c6eb4a4df18c3c89be6e3395142d840f23915ddd79f3d4b8f460effea2
69d296634f22afab3cf7246b67c83b091e6f734930b7d45ad24389c7c2bd8863
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314
7b5c2d190ee2c0a43faa645c1f67b85a66d77bd4bbee6db640cf580dfb378fd8
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
828e67a96c04903dad31c3c9025a4fe6a3e6ac76cf8ce1bea990759106193a53
84ddf3237bdf50ff40de4250aa4979f04ad7740a60c31acad3bf39d73b3bf09c
8770d514d96c1889da9b7178c0474ae1181acb61b7bb27351e0345fb404bdb3e
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8a31de0ca98d7e27a24bcd3ddb3ec95acb8f5606322ceb37706a4e88d3f577c9
8d31eee3622049373651e31e58202a0fa7a857dce860febf626192e88e9b8d29
8d8d24e8665fb471ec28acf679df75b8ca7ba6ba56814eff606ee4024da4e46a
8e72c026ed5abba429a9e1d32f8947fbd1064a5d81b9c9460bb7516ed754c192
91b82a28921302098ca869fd8f7bce3182246adc898569cf127c6c21a6e70a44
9ed4d45b3b3ec867a4d90438f985008eb7a860bd20e059a324f0e1dcb42bad98
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4e2cdcf1c7c7508b6c1528abedaa45ba48741664ccbc9c25a5320f6b3d7f7ea
aa1cf008cd95cd1a67295b8f5691b52896a5ce4343d4098ce915463a8876ce18
acfab1e3846f4c81d1b41376854f82dcfbf36ac7becd0ea4ac4a623ba5149d0d
ad22bc0a8673d50a895d123e6ca9f24af5e42647d25e60209de22dac73a0a7d6
b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
bb31b4604b2797a1f4def3f616b57c2bf247d710e8bea1c4f37defebf496d45c
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c4609766690f02221321b9a9fd25863c39c9d30f13ccd8fb222e1fdcccadb4ff
c53912688feb1f3487f73bedf6110ca486394a5012141f2ccc7f871f17ff9246
c96463100e774599fbb9784785ca4e09f5ae7fa77c12d234cb972f1465d0b0e2
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cb00956b56b680d25c9ecb6cd3663f5869bf6f01bd742224b05b1f53a92a2e62
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
da8d46b17fa3662d15b0cd41da8c4952c321723e47662336bf629db3a951699a
e20333478d98e46ade776bb59910f232194f58960f1791aa321d2376b7b73f89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f5f347e044f2914001599a0899039d5e54460e4ddbaa8446c7957a7c707c71e5
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

www.rickduranagency.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

93 %HTTPS

35 %IPv6

20 Domains

28 Subdomains

24 IPs

4 Countries

1407 kBTransfer

4149 kBSize

25 Cookies

34 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rickduranagency.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

93 %
HTTPS

35 %
IPv6

20
Domains

28
Subdomains

24
IPs

4
Countries

1407 kB
Transfer

4149 kB
Size

25
Cookies

83 HTTP transactions
0 data transactions