savewithhunter.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hunteremory.com/
Effective URL:
https://savewithhunter.com/
Submission: On December 30 via api (December 30th 2022, 12:32:53 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 63 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is savewithhunter.com.
TLS certificate: Issued by R3 on December 16th 2022. Valid for: 3 months.

This is the only time savewithhunter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	104.198.70.133 104.198.70.133	15169 (GOOGLE) (GOOGLE)
23	2a09:8280:1::1ce 2a09:8280:1::1ce	40509 (FLY) (FLY)
5	13.32.110.125 13.32.110.125	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 5	34.248.196.211 34.248.196.211	16509 (AMAZON-02) (AMAZON-02)
1	52.213.181.195 52.213.181.195	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.229.62.148 54.229.62.148	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:dc:... 2a02:26f0:dc:388::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.13.117 13.32.13.117	16509 (AMAZON-02) (AMAZON-02)
1 1	52.206.63.211 52.206.63.211	14618 (AMAZON-AES) (AMAZON-AES)
1	54.77.217.9 54.77.217.9	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	23.62.220.203 23.62.220.203	16625 (AKAMAI-AS) (AKAMAI-AS)
63	18

3 34.69.219.172 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

hunteremory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
savewithhunter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com

mx-api.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a09:8280:1::1ce (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.110.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-125.vie50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.248.196.211 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-196-211.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.181.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-181-195.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.62.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-62-148.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

11264551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:388::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.13.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-13-117.vie50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.63.211 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-63-211.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.217.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-217-9.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mirus.io mx-api.prod.mirus.io — Cisco Umbrella Rank: 304463 peachy.prod.mirus.io — Cisco Umbrella Rank: 143007 ephemera.mirus.io — Cisco Umbrella Rank: 135124	701 KB
6	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 301 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 10294	8 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	205 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3623	72 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 321 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 122678	2 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 930	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	218 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 456 js.adsrvr.org — Cisco Umbrella Rank: 2006 insight.adsrvr.org — Cisco Umbrella Rank: 879	3 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1960 beacon.krxd.net — Cisco Umbrella Rank: 803	528 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 940	22 KB
2	statefarm.com smetrics.statefarm.com — Cisco Umbrella Rank: 56793	2 KB
2	hunteremory.com 1 redirects hunteremory.com	1 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 142	494 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1541	675 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 525	98 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	79 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1416	517 B
1	savewithhunter.com savewithhunter.com	142 KB
63	18

	Domain	Requested by
23	ephemera.mirus.io	savewithhunter.com ephemera.mirus.io
5	dpm.demdex.net	1 redirects savewithhunter.com
5	connect.facebook.net	savewithhunter.com connect.facebook.net hunteremory.com
5	nexus.ensighten.com	savewithhunter.com nexus.ensighten.com
4	peachy.prod.mirus.io	mx-api.prod.mirus.io savewithhunter.com
3	ct.pinterest.com	s.pinimg.com
3	www.facebook.com
2	s.pinimg.com	hunteremory.com s.pinimg.com
2	11264551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cm.g.doubleclick.net	2 redirects
2	smetrics.statefarm.com	nexus.ensighten.com hunteremory.com
2	hunteremory.com	1 redirects
1	adservice.google.com	11264551.fls.doubleclick.net
1	insight.adsrvr.org	js.adsrvr.org
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	cms.analytics.yahoo.com	1 redirects
1	match.adsrvr.org
1	idsync.rlcdn.com
1	www.googletagmanager.com	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	savewithhunter.com	hunteremory.com
1	mx-api.prod.mirus.io	hunteremory.com
63	25

This site contains links to these domains. Also see Links.

Domain
proofing.statefarm.com
www.google.com
get-id-card.delitess.c1.statefarm
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
brokercheck.finra.org
www.statefarm.com
financials.statefarm.com
www.youtube.com
static1.st8fm.com
hunteremory-1.sfagentjobs.com
trupanion.com
www.nmlsconsumeraccess.org
itunes.apple.com
play.google.com
es.statefarm.com

Subject Issuer	Validity	Valid
hunteremory.com R3	`2022-12-29` - `2023-03-29`	3 months	crt.sh
mx-api.prod.mirus.io R3	`2022-12-26` - `2023-03-26`	3 months	crt.sh
savewithhunter.com R3	`2022-12-16` - `2023-03-16`	3 months	crt.sh
peachy.prod.mirus.io R3	`2022-12-16` - `2023-03-16`	3 months	crt.sh
ephemera.mirus.io R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-08` - `2023-01-06`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2022-01-25` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://savewithhunter.com/
Frame ID: B18E05302A83385A90975F8FBD63608F
Requests: 50 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 1FDCE7EDF4CCBC1BD0EC3CDE6AF887BE
Requests: 6 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F
Frame ID: 4689A4BAE00133D851D8573E40E2E089
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fsavewithhunter.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 9428022E01661148C9D6B1DA4D6F44F4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BB77815FD41FEF77EBD961AD2C5EF1B8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: EC589A0622C4A5C86218DD065AF58919
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DE Auto & Home Insurance Agent Hunter Emory - State Farm®

Page URL History Show full URLs

http://hunteremory.com/ HTTP 301
https://hunteremory.com/ Page URL
https://savewithhunter.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

63
Requests

92 %
HTTPS

27 %
IPv6

18
Domains

25
Subdomains

18
IPs

5
Countries

1237 kB
Transfer

2950 kB
Size

27
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://proofing.statefarm.com/login-interceptor/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=38.696967%2C-75.400887&query_place_id=ChIJ8aP-cw_ruIkR_5S9nW8yoQM
Title: Location Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.facebook.com/391816930893951

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/hunter-emory-1a9b5949

Search URL Search Domain Scan URL

URL: https://twitter.com/SFAgentHunterE

Search URL Search Domain Scan URL

URL: https://www.instagram.com/302insurancewithhunter/

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA’s BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote?agentAssociateId=YDC9K5VQBAK
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/auto/resources/auto-insurance-checklist
Title: Items needed for a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/residence/signing-a-rental-lease?agentAssociateId=YDC9K5VQBAK
Title: The lease signing process: What you need to know The lease signing process: What you need to know It's tempting to sign the rental agreement and move in. But it's better to take a step back and ask the right landlord-tenant questions before moving forward Read More

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/teen-passenger-safety?agentAssociateId=YDC9K5VQBAK
Title: Teen passenger safety Teen passenger safety A teen passenger and teens driving with friends face a higher safety risk than teens alone. Read how to increase your teen passenger's safety. Read More

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/family/budgeting-for-a-pet?agentAssociateId=YDC9K5VQBAK
Title: Budgeting for a pet Budgeting for a pet Learn how to make a budget for your pet. Budgeting for typical pet care expenses can help you cover pet care costs without sacrificing your financial goals. Read More

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/?agentAssociateId=YDC9K5VQBAK
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5gPOQke9CrI
Title: Legacy Of Safety

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/LegacyOfSafetyStateFarmNeighborhoodAssistStateFarm.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5zZOEHGj61Y
Title: Web Development for a good cause with 48in48

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/WebDevelopmentforagoodcausewith48in48NeighborhoodofGood.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=j6km-y0o6KI
Title: State Farm Education Assist™

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/StateFarmEducationAssistStateFarm.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Zh7KgUjbVwY
Title: Strands of Magic

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/StrandsofMagicNeighborhoodofGoodStateFarm.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://hunteremory-1.sfagentjobs.com/j/0mg7p1
Title: https://hunteremory-1.SFAgentJobs.com/j/0mg7p1

Search URL Search Domain Scan URL

URL: http://www.statefarm.com/IPS/prospectus/
Title: prospectus page

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

URL: https://www.nmlsconsumeraccess.org/
Title: www.NMLSConsumerAccess.org

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

URL: https://es.statefarm.com/agent/us/de/georgetown/hunter-emory-ydc9k5vqbak
Title: Cambiar al Español

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hunteremory.com/ HTTP 301
https://hunteremory.com/ Page URL
https://savewithhunter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hunteremory.com/ HTTP 301
https://hunteremory.com/

Request Chain 14

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672360369246 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672360369246

Request Chain 31

https://cm.everesttech.net/cm/dd?d_uuid=47744622031375096380864204111441911474 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y64xsQAAAFAAmgN-

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDc3NDQ2MjIwMzEzNzUwOTYzODA4NjQyMDQxMTE0NDE5MTE0NzQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDc3NDQ2MjIwMzEzNzUwOTYzODA4NjQyMDQxMTE0NDE5MTE0NzQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDPkJ8raQVTDFwrWJc8UoPg&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 44

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=47744622031375096380864204111441911474&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RXdRsvhE2pGg_UWNAoD9nBg6jIhJr2t9RAE-~A

Request Chain 45

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F HTTP 302
https://11264551.fls.doubleclick.net/activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F

Request Chain 49

https://usermatch.krxd.net/um/v2?partner=adobe&id=47744622031375096380864204111441911474 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=47744622031375096380864204111441911474

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
hunteremory.com/
Redirect Chain

http://hunteremory.com/
https://hunteremory.com/

2 KB
1 KB

391ms
119ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hunteremory.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: /
Resource Hash: 8c9f1e82876028b59da9901d8cd9701ff2f3882eddd335c65426806a4b8dd02d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 00:32:47 GMT
vary: origin,accept-encoding
x-cheesecrd-backend: mx-api
x-cheesecrd-lookup: master:hunteremory.com/
x-cheesecrd-path: /

Redirect headers

content-length: 0
location: https://hunteremory.com/

GET
H2 200 peachy-client Show response
mx-api.prod.mirus.io/ 65 KB
20 KB 394ms
122ms Script
text/html 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mx-api.prod.mirus.io/peachy-client

Requested by

Host: hunteremory.com
URL: https://hunteremory.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hunteremory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:48 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: origin,accept-encoding
content-type: text/html; charset=utf-8

GET
H2 200 Primary Request / Show response
savewithhunter.com/ 598 KB
142 KB 635ms
230ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://savewithhunter.com/
Requested by: Host: hunteremory.com
URL: https://hunteremory.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0e1288fadaca09c3d0b5a1670e4d3a2d0cae97454b0c7db1f7a3f138a1a301ff

Request headers

Referer: https://hunteremory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-cache, max-age=30
content-encoding: gzip
content-length: 144804
content-type: text/html
date: Fri, 30 Dec 2022 00:32:48 GMT
etag: "f4e667ed770b5276004dd9f568d4fa16"
expires: Fri, 30 Dec 2022 00:33:18 GMT
last-modified: Thu, 29 Dec 2022 22:25:31 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:savewithhunter.com/
x-cheesecrd-path: /
x-goog-generation: 1672352731367579
x-goog-hash: crc32c=JFkFpA== md5=9OZn7XcLUnYATdn1aNT6Fg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 144804
x-guploader-uploadid: ADPycdvlZh3dsS6PrnneS4B5m5-b6JdT3hiuv7oo3GzLK5n5sLKDS5LypdfwO8NS_FNjhBAmhulqSyvhLaM4y6RpACLbyW5qd2bm

POST
H2 200 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ 80 B
325 B 123ms
122ms Fetch
application/json 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Requested by

Host: mx-api.prod.mirus.io
URL: https://mx-api.prod.mirus.io/peachy-client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hunteremory.com/
keen-sdk: javascript-5.0.1
accept-language: de-DE,de;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 00:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hunteremory.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 80

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame 0
0 442ms
185ms Preflight 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://hunteremory.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://hunteremory.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 30 Dec 2022 00:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 resize
ephemera.mirus.io/img/ 78 KB
78 KB 150ms
94ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FYDC9K5VQBAK_office_banner_20210823T172315Z_savewithhunter_com_cezfmb5vju.jpeg

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

d1d9a865c47c8a40046afb6acb973392ff2d6dc78aacb03526acd3d861f9f226

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1200&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FYDC9K5VQBAK_office_banner_20210823T172315Z_savewithhunter_com_cezfmb5vju.jpeg
x-cache-status: HIT
x-region: ewr
content-length: 79768
x-frontend: 64f8178b
fly-request-id: 01GNG7471G9DMP0Z2319CRB24K-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 64f8178b
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Fri, 30 Dec 2022 18:41:07 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 76 KB
24 KB 94ms
23ms Script
application/javascript 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6058a618c9c3b416237bde3a46e6fa565387486922f8ef08bee5212b17ddff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 19:09:52 GMT
x-amz-version-id: acaZ1pnnkK.ANz4VISlnyr8MOBS3VDLC
content-encoding: br
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1747378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Dec 2022 19:07:56 GMT
server: AmazonS3
etag: W/"399b2f6b7e5c7b4be69f8c6bde6bb435"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: XNvqSyIaAObhTxTJtc3XAdVKZcjerdQfc29TDL92iLiG0nHPAhnZog==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 36ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b55759d450eb372dbc39cc1919efbe56edb401ca7f702ed820d4a07745e91428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 00:32:49 GMT
content-md5: cLcMVk2JDQZm1MvO91YmLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: NrOs8CLRKUnszyR+uj3sJ3fucCcCOgq7OPI2hR0KikZUv3zYV8D/pDR4SKfP1IifH67psT63W747379LrwLbKQ==
x-fb-trip-id: 686109401
x-fb-content-md5: e142c08a6aa5439a301e3ddc791d3c22
cross-origin-opener-policy: same-origin-allow-popups
etag: "48ec197531cffdf1359aeb6d64c98c6c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 00:45:56 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 182 KB
183 KB 137ms
94ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1920&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FYDC9K5VQBAK_office_banner_20210823T172315Z_savewithhunter_com_cezfmb5vju.jpeg

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

b3f57098ea41c5d8866350e509924ea48262c2c55e5589acebe8892960784bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1920&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FYDC9K5VQBAK_office_banner_20210823T172315Z_savewithhunter_com_cezfmb5vju.jpeg
x-cache-status: HIT
x-region: ewr
content-length: 186376
x-frontend: 49d410be
fly-request-id: 01GNG7471GPQNF6N9R20CWJSSV-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 64f8178b
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Tue, 03 Jan 2023 18:47:56 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 7 KB
7 KB 134ms
93ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fac2.st8fm.com%2Fassociate-photos%2FY%2FYDC9K5VQBAK%2FformalColorFull.jpg

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

6d4507175bd50dd4e6981eb36f6031e758e856a4cd1dd6a328250a8cecc2cb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fac2.st8fm.com%2Fassociate-photos%2FY%2FYDC9K5VQBAK%2FformalColorFull.jpg
x-cache-status: HIT
x-region: ewr
content-length: 6682
x-frontend: 49d410be
fly-request-id: 01GNG7471G1HWV7R159GFGBM7Q-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 99
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 64f8178b
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Fri, 30 Dec 2022 18:41:07 GMT

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/ 31 KB
32 KB 208ms
171ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-Regular.woff2
via: 2 fly.io
x-amz-request-id: YHYHYZ2718S7VJWT
x-cache-status: HIT
x-region: ewr
content-length: 31948
x-amz-id-2: 6iC61jUwrzI5M/MAzRqlKROxm2S+EvSGx3Dct1X9hyKTextmFAhCm+5Jv7BrIv3xm1cvGru/fKQ=
x-frontend: 64f8178b
last-modified: Mon, 19 Dec 2022 20:13:31 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG7471XKP2K9G6Z7QYE1QK8-fra
etag: "45568a98b8085b944e9b8c47a2947646"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Tue, 19 Dec 2023 20:13:30 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/ 31 KB
32 KB 238ms
202ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-SemiBold.woff2
via: 2 fly.io
x-amz-request-id: YHYPDBDBBGQR3A5A
x-cache-status: HIT
x-region: ewr
content-length: 32208
x-amz-id-2: v1EFoIaR55iYBXqPo7J7ES5q+YRjfheIw3DfwSsIID9Ebz1mne78oLdFyuDRcULKPz2YzsIxGP0=
x-frontend: 49d410be
last-modified: Mon, 19 Dec 2022 20:13:31 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG7471YQDRPXQS8447XN046-fra
etag: "1d27c68fab3bc57c0eb1b742cb355160"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 49d410be
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Tue, 19 Dec 2023 20:13:30 GMT

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/ 31 KB
31 KB 238ms
202ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-Bold.woff2
via: 2 fly.io
x-amz-request-id: YHYKBAY3X8K952M3
x-cache-status: HIT
x-region: ewr
content-length: 31812
x-amz-id-2: Gf6pxmqPZzEFhIquxKdQH6oap1wu44jnqg9pZ8TuHMlRZz6KyvJu2kkfnzK2z/2r2ySEumH3R7U=
x-frontend: 49d410be
last-modified: Mon, 19 Dec 2022 20:13:30 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG7471Y86J0BEDJ3ZF5693A-fra
etag: "7cc9632b9df119aed25a6812b1c59569"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Tue, 19 Dec 2023 20:13:29 GMT

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/ 31 KB
32 KB 220ms
184ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleSans-Medium.woff2
via: 2 fly.io
x-amz-request-id: 3JXFE0FJ1QR97RFX
x-cache-status: HIT
x-region: ewr
content-length: 32200
x-amz-id-2: 7f1UVnfIPOumrjX5egXPlx0unm8ObG1hg1w2KpvHvmvP2sDXbU+p00F1WICI/Kjm/MdEYCBwS6A=
x-frontend: 49d410be
last-modified: Mon, 19 Dec 2022 20:13:30 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG7471Y8CT1G3P9M0P6WPZ4-fra
etag: "771eb8d7b83cc251776e102fb8ae2972"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Tue, 19 Dec 2023 20:13:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e1d2749f5ddf5ffc640a47768c96c412

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae44d31cfb167aa18df49da25880ecc8e6bade7340c5c040bd94b01250b5ec36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 00:32:49 GMT
content-md5: BmkUN4O5xCq2ltPeg63qhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87021
x-fb-rlafr: 0
x-fb-debug: QNHYjPYman8SV/vWXfyS/3Ys3FiJ66MBFFOLD2XBiySBGWE14Pob34U343aiiDwsBiQ+TaCvuhS/6jpvjZ5FxA==
x-fb-trip-id: 686109401
x-fb-content-md5: edef1f6f7747084d6cb9280415ee0766
cross-origin-opener-policy: same-origin-allow-popups
etag: "01b24de5bdec080c8229208fdde37f81"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Dec 2023 22:33:12 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672360369246
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672360369246

1 KB
1 KB

30ms
30ms

XHR
application/json

34.248.196.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672360369246

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

HTTP/1.1

Server

34.248.196.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-196-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5389f02a81ad45a824ba23e9441348eab0ba7b4fb88d7f454bcd6aca1e3fd698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-09e3db1c5.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: W65IqYL1Tss=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://savewithhunter.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 646
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-048420acf.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: KqGVztXJSLk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://savewithhunter.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1672360369246
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 392 B
696 B 38ms
38ms Script
text/javascript 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Fri%20Dec%2009%2019:07:54%20GMT%202022&ClientID=603&PageID=https%3A%2F%2Fsavewithhunter.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: 06b1875cbb40259d83ee7010aef0414e8468ac0e6a393ecb7fe2d8218a4dde64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 392
x-amz-cf-id: 6VulWvF6Rpk_Ub34MNo4ZPQJQVd_gzWNqKebtyqL3nSvaprp5vFfwA==
expires: Fri, 30 Dec 2022 00:32:48 GMT

GET
H2 200 5a55d99f056384440121ce1272490826.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 164 KB
46 KB 21ms
20ms Script
application/javascript 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/5a55d99f056384440121ce1272490826.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a70ca5dd5754a4557899a2daf477c69ab404e8d0171552ce44e4bdd4d9ea5947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 19:08:13 GMT
x-amz-version-id: 4RQLzTcy8Pah50xDLZhYavGXgq7pMRBh
content-encoding: br
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1747477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 09 Dec 2022 19:07:56 GMT
server: AmazonS3
etag: W/"4826c5b85fa5752616fb2c3519801ffe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 3pCnKKgzNKY2RmZbhD-aKWtsEhz3p0HBS0ywt0RVgA0kNYGqZF8Qqw==

GET
H2 200 37a6eb7558cd7caddabc4d41df02ff83.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 25ms
25ms Script
application/javascript 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/37a6eb7558cd7caddabc4d41df02ff83.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 05:03:23 GMT
x-amz-version-id: ksB7VnQR_K2AakdQJaGQv2loxEAMmlpZ
content-encoding: gzip
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 7673367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Apr 2022 21:38:02 GMT
server: AmazonS3
etag: W/"f95e7ee6badef0644c8fa8b201a00dd2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: NqKLiHUKnWP9wZuCTOvdYPtS0r3PKa-V--3bmhU0b7b4ymwLAXVKog==

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
248 B 18ms
17ms Image
text/plain 13.32.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F5a55d99f056384440121ce1272490826.js%3FconditionId0%3D423109%3A48%3A215)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=SC%3A%20Microsites%20Prod&cid=603&client=statefarm&publishPath=mirus&rid=3816437&did=486748&errorName=
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-125.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:24:43 GMT
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
age: 486
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 6S2BWygUH2XjW7s_AClvQwiDucIx3gB9058CtudzxGgOAY6o-IYx-A==

GET
H2 200 resize
ephemera.mirus.io/img/ 25 KB
25 KB 93ms
92ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fquestions-to-ask-your-landlord-before-signing-rental-agreement-wide.jpg

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

b098d61196ab6d8322a2b36f61ae2c31255e9b41f1d688aad15d83e09728a28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fquestions-to-ask-your-landlord-before-signing-rental-agreement-wide.jpg
x-cache-status: HIT
x-region: ewr
content-length: 25216
x-frontend: 49d410be
fly-request-id: 01GNG7476B2M7M01KVCK947Z0N-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 49d410be
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Thu, 29 Dec 2022 18:03:46 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 21 KB
21 KB 101ms
101ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fteen-passenger-safety-new.jpg

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

e0c97db3b1e6987649c43bfa9df42f0416573206f7219d1c5afc797eaae7e3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fteen-passenger-safety-new.jpg
x-cache-status: HIT
x-region: ewr
content-length: 21570
x-frontend: 49d410be
fly-request-id: 01GNG7476BDHHHA70RDRBE82MR-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 64f8178b
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Fri, 30 Dec 2022 22:22:54 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 22 KB
22 KB 92ms
92ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fbudgeting-for-a-pet.jpg

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

9810b40a6b9e45fd7e661d8091bf7b007bd3756c4ac5a4ab3065068ef54aa24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fbudgeting-for-a-pet.jpg
x-cache-status: HIT
x-region: ewr
content-length: 22106
x-frontend: 64f8178b
fly-request-id: 01GNG7476CACNXRS83F3EA6YDF-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 49d410be
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Thu, 29 Dec 2022 17:48:46 GMT

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 3 KB
2 KB 97ms
97ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/alpineFileInput.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/alpineFileInput.js
x-amz-request-id: F78B81R58JKB7YN7
x-cache-status: HIT
x-region: ewr
x-amz-id-2: JHrkLNIyduuaqp2M/L6sLIIFV3jbAC25XPZz1g7NSABiMCpYDqSRbdWttlABV5RuD9+YhgMQP9s=
x-frontend: 49d410be
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG7476S78ZZJY450DKZR3M2-fra
etag: "12ede5387f38cb1e3ffaa5dbb9bdacb2"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:30 GMT

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 53 KB
26 KB 98ms
96ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/alpine.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 25d2679d92c8f86ddf6239fc63c2ab26e557b5c941fe66cb347277decb001054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/alpine.js
x-amz-request-id: F78BPHX107DV9YQX
x-cache-status: HIT
x-region: ewr
x-amz-id-2: FUwoVRUWI7KGBzfWkpnblXDo1CXqoANz7tqqq4be7yjSuNurcLLzpxmyErO59JnXYo5Kq9XmX4k=
x-frontend: 49d410be
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG747708PVRMQSNRB1RXC6P-fra
etag: "24f71111659adb3aecb676153e06ab22"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:30 GMT

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 8 KB
5 KB 97ms
95ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/lazysizes.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/lazysizes.js
x-amz-request-id: F78B498AH44AN051
x-cache-status: HIT
x-region: ewr
x-amz-id-2: ZWRVGn75lGAi4kvtpvRMiIIcdyJjQGCoSnWLQfvnyxWzzJmrFhOrY+dC+04FNiZxxzd5JGJwhtI=
x-frontend: 64f8178b
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG74770H8S0N30QTRJZ217G-fra
etag: "b0cf9a76ff93ef62c9f73fda43c61168"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 49d410be
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:30 GMT

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 491 B
617 B 97ms
96ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/scrollToElement.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 5d0f0407096d756184fee3329b904656d444a8a256b8fa9948caed8d70c10ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/scrollToElement.js
x-amz-request-id: F783152DZ7VTND3D
x-cache-status: HIT
x-region: ewr
x-amz-id-2: SR+N4ZvqN2hLkXV1iPPpLVEDRFC969MBPdE9/9fpjnb+QD0nPEFQEwE/tSAU4VHi+sjBcZT67h8=
x-frontend: 64f8178b
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG74771YG3K2SNED5GCPKNF-fra
etag: "ed57c7e6e308d21a8a9e7c303d303f1d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 49d410be
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:31 GMT

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 3 KB
2 KB 102ms
101ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/utils.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 3cc5da363d10c71a21ce61a25b353234a80149ca92838224a7871ae9b6215afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/utils.js
x-amz-request-id: F781N9QH2QA8423D
x-cache-status: HIT
x-region: ewr
x-amz-id-2: KVapE51fZb1LfH6aLQj9oI83lZRaoEPJqzEyDqopf4kPtvIQ2PTTLj1+ZP7zsIcm1LnyDL7FXf0=
x-frontend: 64f8178b
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG747731YSNSW1CF6H217AJ-fra
etag: "bbde491116a2cc79bbe35118dc511709"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:31 GMT

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 122 B
413 B 105ms
104ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/svgIcon.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/svgIcon.js
x-amz-request-id: F78F8MYN9TDPDYD2
x-cache-status: HIT
x-region: ewr
x-amz-id-2: +3r1PIN+OF1GbvamhiBzV0M9ofbCsW3Z7A+Rau+MXOKfuZRF1LaaJE7BCK+BuBrXIKpb12Jo3J0=
x-frontend: 49d410be
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG74773EHNRM3BDAZN3K591-fra
etag: "6f2040ba57cefa73bd4ff501f5deeb2b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 49d410be
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:31 GMT

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/ 99 KB
46 KB 102ms
101ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/alpineContactForm.js
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: c01f8916f5ce061e1f3db0ed92d747e9dedbb3d2b0a0269cb83cb3d4acfd7df9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/alpineContactForm.js
x-amz-request-id: F789E0FGRDKB8MDE
x-cache-status: HIT
x-region: ewr
x-amz-id-2: vCuJG+P1/nRYz3+BPuFo50RMEtXsVAA9MvhZb1v8QtAm7oJRzjYGmC6MTCDocCJCTR9qOfcqPvs=
x-frontend: 64f8178b
last-modified: Wed, 07 Dec 2022 23:04:32 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG74772547358GK6WTT12XT-fra
etag: "841c7595ab6bb2140e3499ff9e54d806"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:04:30 GMT

GET
H/1.1 200
OK dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 1FDC 7 KB
3 KB 209ms
30ms Document
text/html 52.213.181.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.181.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-181-195.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://savewithhunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-0333db6ef.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: w9W5w/XwQJA=
content-encoding: gzip
date: Fri, 30 Dec 2022 00:32:49 GMT
last-modified: Fri, 28 Oct 2022 11:07:23 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
467 B 64ms
16ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=53049433212253314180009843671504557422&ts=1672360369441

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

f88a7ad615567c66b3a8271d60b4bb550563cc29a42062a1ef550ef37e2511a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://savewithhunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://savewithhunter.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y64xsQAAAFAAmgN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=47744622031375096380864204111441911474
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y64xsQAAAFAAmgN-

42 B
942 B

30ms
30ms

Image
image/gif

34.248.196.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y64xsQAAAFAAmgN-

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

HTTP/1.1

Server

34.248.196.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-196-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YQlTkYC6TVI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y64xsQAAAFAAmgN-
Date: Fri, 30 Dec 2022 00:32:49 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/ 32 KB
32 KB 104ms
103ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleLegal-Medium.woff2
via: 2 fly.io
x-amz-request-id: YHYV8T78HFEZA4TH
x-cache-status: HIT
x-region: ewr
content-length: 32960
x-amz-id-2: anGm2iKlhnGSyvIgTnzlx1Zeo8T3kkqvEaWRu4rK8lG7qyg99HxMSjd4j/rWGBIjLV/jTmoC+MM=
x-frontend: 49d410be
last-modified: Mon, 19 Dec 2022 20:13:29 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG747A99NJPDCCG64P9Z9B6-fra
etag: "5c321170479a815ab790c771bcc8f1d3"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 64f8178b
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Tue, 19 Dec 2023 20:13:28 GMT

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/ 32 KB
32 KB 102ms
101ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: savewithhunter.com
URL: https://savewithhunter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/bb7817cd (2022-12-23) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer: https://savewithhunter.com/
Origin: https://savewithhunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/fonts/sf/MecherleLegal-Regular.woff2
via: 2 fly.io
x-amz-request-id: YHYKPWMXP4RJDWHN
x-cache-status: HIT
x-region: ewr
content-length: 32844
x-amz-id-2: sWh/cA6j2dc7hnA1ezC+syxwIndUCYqAfqKesd3kOTT7dimiJfWojpY9njGvnOFNhIBpMMReLS4=
x-frontend: 64f8178b
last-modified: Mon, 19 Dec 2022 20:13:29 GMT
server: Fly/bb7817cd (2022-12-23)
fly-request-id: 01GNG747A97C2N4TPXPGNV7W44-fra
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 49d410be
x-git-sha: 9a67e7cc
accept-ranges: bytes
expires: Tue, 19 Dec 2023 20:13:28 GMT

GET
H2 200 s81544843735804 Show response
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 1 KB
1 KB 39ms
39ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s81544843735804?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=30%2F11%2F2022%200%3A32%3A49%205%200&d.&nsid=0&jsonv=1&.d&D=..&mid=53049433212253314180009843671504557422&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak&g=https%3A%2F%2Fsavewithhunter.com%2F&r=https%3A%2F%2Fhunteremory.com%2F&ch=sf%3Aus%3Aagent-micro-m2-lan&server=savewithhunter.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Ahome%3Aauto&c4=sf%3Aagent-micro-m2-lan%3Aydc9k5vqbak&v6=savewithhunter.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fsavewithhunter.com%2F&v26=%2B1&v32=referring%20domains&v37=%2B1&c38=en&v38=thursday%7C6%3A30pm&v50=12%2F29%2F2022&v52=..c16&v53=r%7Chunteremory.com&v54=n%2Fa&v55=referring%20domains&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F108.0.5359.124%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: hunteremory.com
URL: https://hunteremory.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

abb7e9ac5a7f60ed0b76e7d5719c50f2b4c547ae2c2bb7ff112280d2d87c26ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-aam-tid: tTNWovNXTZE=
date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1104
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 3 ms
pragma: no-cache
last-modified: Sat, 31 Dec 2022 00:32:49 GMT
server: jag
etag: 3591366547156926464-4619759274911008987
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 29 Dec 2022 00:32:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 482 KB
79 KB 228ms
105ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aca4cee6602e87f29877f26284b23e7f7089d4b62c7d45672bd48033e10811d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80120
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Dec 2022 00:32:49 GMT

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame 1FDC 0
98 B 142ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=47744622031375096380864204111441911474
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 80 B
327 B 124ms
123ms Fetch
application/json 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: savewithhunter.com
URL: https://savewithhunter.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

bfa6f1db39d311f27bf0309ff9ec7dea4fe77603f798542995d9bd5e22fbaed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://savewithhunter.com/
keen-sdk: javascript-5.0.1
accept-language: de-DE,de;q=0.9
Authorization: WK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://savewithhunter.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 80

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 118ms
118ms Preflight 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://savewithhunter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://savewithhunter.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 resize
ephemera.mirus.io/img/ 25 KB
25 KB 120ms
119ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ephemera.mirus.io
URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/lazysizes.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

b098d61196ab6d8322a2b36f61ae2c31255e9b41f1d688aad15d83e09728a28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fquestions-to-ask-your-landlord-before-signing-rental-agreement-wide.jpg
x-cache-status: HIT
x-region: ewr
content-length: 25216
x-frontend: 64f8178b
fly-request-id: 01GNG747JXWVV1XZMWWT7WCGPA-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 49d410be
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Thu, 29 Dec 2022 18:03:46 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 21 KB
21 KB 118ms
117ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fteen-passenger-safety-new.jpg

Requested by

Host: ephemera.mirus.io
URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/lazysizes.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

e0c97db3b1e6987649c43bfa9df42f0416573206f7219d1c5afc797eaae7e3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fteen-passenger-safety-new.jpg
x-cache-status: HIT
x-region: ewr
content-length: 21570
x-frontend: 49d410be
fly-request-id: 01GNG747K11T2V2XYCJJ7VCA5D-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 64f8178b
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Fri, 30 Dec 2022 22:22:54 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 3 KB
3 KB 114ms
113ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fsa%2Fsavewithhunter.com%2Fsavewithhunter.com-sidebar-md-9ef6cf5514888077671ed216694edc6f.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

91d4d18044938cafcda79399285de057e986613d275ba1170f8b49d3aa1acb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fsa%2Fsavewithhunter.com%2Fsavewithhunter.com-sidebar-md-9ef6cf5514888077671ed216694edc6f.png
x-cache-status: HIT
x-region: ewr
content-length: 3062
x-frontend: 64f8178b
fly-request-id: 01GNG747K11FE42QREN48WJCRT-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 64f8178b
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Sun, 01 Jan 2023 18:51:37 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEDPkJ8raQVTDFwrWJc8UoPg&google_cver=1
dpm.demdex.net/ Frame 1FDC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDc3NDQ2MjIwMzEzNzUwOTYzODA4NjQyMDQxMTE0NDE5MTE0NzQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDc3NDQ2MjIwMzEzNzUwOTYzODA4NjQyMDQxMTE0NDE5MTE0NzQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDPkJ8raQVTDFwrWJc8UoPg&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

36ms
33ms

Image
image/gif

34.248.196.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDPkJ8raQVTDFwrWJc8UoPg&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.248.196.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-196-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-03da2f349.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NgdNN1wNTGQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 30 Dec 2022 00:32:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDPkJ8raQVTDFwrWJc8UoPg&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1FDC 70 B
265 B 103ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=savewithhunter.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Dec 2022 00:32:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 1FDC
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=47744622031375096380864204111441911474&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RXdRsvhE2pGg_UWNAoD9nBg6jIhJr2t9RAE-~A

42 B
942 B

30ms
30ms

Image
image/gif

34.248.196.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RXdRsvhE2pGg_UWNAoD9nBg6jIhJr2t9RAE-~A

Protocol

HTTP/1.1

Server

34.248.196.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-196-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EqAUOCJ8T4E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 30 Dec 2022 00:32:50 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RXdRsvhE2pGg_UWNAoD9nBg6jIhJr2t9RAE-~A
content-length: 0

GET
H3

200

activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%... Show response
11264551.fls.doubleclick.net/ Frame 4689
Redirect Chain

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=htt...
https://11264551.fls.doubleclick.net/activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-mi...

443 B
282 B

149ms
83ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11264551.fls.doubleclick.net/activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

50bdf2eb31932be555e98057b9c002131a646b31b4fb74d5356eb50116566840

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savewithhunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 00:32:50 GMT
expires: Fri, 30 Dec 2022 00:32:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 00:32:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11264551.fls.doubleclick.net/activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hunteremory.com
URL: https://hunteremory.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Dec 2022 00:32:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pwDzHAxcDf3OAp9e9ba7COXQzUS+OagCitcOa21aJxhDQYjzA1g3xFazfAuR8m5MnQ2KW72zg4Gq2KdZEdKeow==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 322ms
135ms Script
application/javascript 2a02:26f0:dc:388::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: hunteremory.com
URL: https://hunteremory.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:388::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 68ms
18ms Script
application/x-javascript 13.32.13.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.13.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-13-117.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 11:01:06 GMT
Content-Encoding: gzip
Via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-C2
Age: 48705
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: W6rRlVoPrbUiUkg-FNscrhsbcDtKRQmjwc2tBBVKh49Ci_n4pqT_uw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1FDC
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=47744622031375096380864204111441911474
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=47744622031375096380864204111441911474

0
338 B

138ms
29ms

Image
text/plain

54.77.217.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=47744622031375096380864204111441911474
Protocol: H2
Server: 54.77.217.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-217-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Fri, 30 Dec 2022 00:32:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1672360370
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=47744622031375096380864204111441911474
date: Fri, 30 Dec 2022 00:32:50 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a020-ash-prod.krxd.net

GET
H3 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65e49dcc7a8fba11017cc3e552433e56a10b0eb4a81d438f0ca13c069bed9355

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Dec 2022 00:32:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: emCPhu/tbPCHd7wMZKta/C5VM3IFYrCtSMzQvuF55OtGy0gEMHB9Gq+Q16r9ouYdbeCwkM+w7mo8gvCyxTFJLw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9428 0
181 B 37ms
31ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fsavewithhunter.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://savewithhunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Fri, 30 Dec 2022 00:32:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 1936962093151750 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 52ms
52ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936962093151750?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4926b867bfcbb051a7f56d81554bdad897451bc605f6ee91cae2a657f1cc31e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Dec 2022 00:32:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TJIfGFv5UiP/Y4dxGM/3eeFboKy4uqM4Fqv4KPmp3McfJ1soZnPTcvZoWEvbOLSdtVjspgSm9v7+Zo6XJHnW9g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 57ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fsavewithhunter.com%2F&rl=https%3A%2F%2Fhunteremory.com%2F&if=false&ts=1672360370147&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1672360370146.1983948661&it=1672360370096&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 30 Dec 2022 00:32:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 17ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fsavewithhunter.com%2F&rl=https%3A%2F%2Fhunteremory.com%2F&if=false&ts=1672360370216&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672360370146.1983948661&it=1672360370096&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 30 Dec 2022 00:32:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 140ms
140ms Script
application/javascript 2a02:26f0:dc:388::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:388::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=*;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F
adservice.google.com/ddm/fls/z/ Frame 4689 42 B
494 B 184ms
74ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=*;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F

Requested by

Host: 11264551.fls.doubleclick.net
URL: https://11264551.fls.doubleclick.net/activityi;dc_pre=CLuGt-6LoPwCFRHOUQodsmwFvg;src=11264551;type=micro0;cat=micro006;ord=8777650529178;gtm=2wgbu0;auiddc=142928952.1672360370;u9=sf%3Aus%3Aagent-micro-m2-lan%3Aydc9k5vqbak;~oref=https%3A%2F%2Fsavewithhunter.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11264551.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 00:32:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
862 B 247ms
59ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1672360370574&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.3f17655f.1672360370.a8e4015d
x-envoy-upstream-service-time: 3
content-length: 377
x-pinterest-rid: 1637617952852179
pin-unauth: dWlkPU1EWmpZVFpoWVdFdFl6Y3dOQzAwWWpnMkxXRTFOR0l0TURKbVpHSmtaVEkyT0dFMg
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://savewithhunter.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 240ms
58ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsavewithhunter.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fhunteremory.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1672360370580

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 00:32:50 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3f17655f.1672360370.a8e4015e
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1510905077768023
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 22 KB
22 KB 93ms
91ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fbudgeting-for-a-pet.jpg

Requested by

Host: ephemera.mirus.io
URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/b4ca511d1994829e854f6550a9bb7830566a119d/js/lazysizes.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/bb7817cd (2022-12-23) /

Resource Hash

9810b40a6b9e45fd7e661d8091bf7b007bd3756c4ac5a4ab3065068ef54aa24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://savewithhunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 00:32:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fbudgeting-for-a-pet.jpg
x-cache-status: HIT
x-region: ewr
content-length: 22106
x-frontend: 64f8178b
fly-request-id: 01GNG748GQHFZ2TBJXDDE7RFAB-fra
server: Fly/bb7817cd (2022-12-23)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 49d410be
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-git-sha: 9a67e7cc
expires: Thu, 29 Dec 2022 17:48:46 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BB77 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://savewithhunter.com
Referer: https://savewithhunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://savewithhunter.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 00:32:50 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame EC58 565 B
590 B 56ms
56ms Document
text/html 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://savewithhunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.3f17655f.1672360370.a8e402db
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 00:32:50 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 3478007220781402

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hunteremory.com/	1970-01-20 08:34:06	Name: __cheesecrd_version Value: master
hunteremory.com/	1970-01-20 17:18:16	Name: keen Value: {%22initialReferrer%22:null}
savewithhunter.com/	1970-01-20 08:34:06	Name: __cheesecrd_version Value: master
.savewithhunter.com/	1970-01-20 08:32:42	Name: s_gad Value: 1
.demdex.net/	1970-01-20 12:51:52	Name: demdex Value: 47744622031375096380864204111441911474
.savewithhunter.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.statefarm.com/	1970-01-20 18:08:40	Name: s_ecid Value: MCMID%7C53049433212253314180009843671504557422
.everesttech.net/	1970-01-20 17:18:16	Name: everest_g_v2 Value: g_surferid~Y64xsQAAAFAAmgN-
.savewithhunter.com/	1970-01-20 08:32:42	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m2-lan%3AYDC9K5VQBAK
.savewithhunter.com/	1970-01-20 08:32:42	Name: s_pre_v6 Value: savewithhunter.com
.savewithhunter.com/	1970-01-20 08:32:42	Name: s_dl Value: 1
.savewithhunter.com/	1969-12-31 23:59:59	Name: s_cm Value: other%20natural%20referrersundefinedhunteremory.com
.savewithhunter.com/	1970-01-20 18:08:40	Name: s_ev32 Value: %5B%5B%27referring%2520domains%27%2C%271672360369589%27%5D%5D
.savewithhunter.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fsavewithhunter.com%2F%7Creferrer%3Dhttps%3A%2F%2Fhunteremory.com%2F%7Centry%3Dhttps%3A%2F%2Fsavewithhunter.com%2F%7Cs_prev_channel%3Dundefined%7Cs_prev_ch%3Dagent-micro-m2-lan%7Cs_prev_pn%3DYDC9K5VQBAK%7Cs_prev_pageName%3Dundefined%7Cmc%3Dreferring%20domains%7C
.savewithhunter.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 12:51:52	Name: dpm Value: 47744622031375096380864204111441911474
.savewithhunter.com/	1970-01-20 18:08:40	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19357%7CMCMID%7C53049433212253314180009843671504557422%7CMCAAMLH-1672965169%7C6%7CMCAAMB-1672965169%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1672367569s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19364%7CvVersion%7C3.1.0
.savewithhunter.com/	1970-01-20 12:51:52	Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C6
.savewithhunter.com/	1970-01-20 09:15:52	Name: aam_uuid Value: 47744622031375096380864204111441911474
savewithhunter.com/	1970-01-20 17:18:16	Name: keen Value: {%22uuid%22:%22fb70de08-b519-4aa2-9cf2-a903f2b6fe5b%22%2C%22initialReferrer%22:%22https://hunteremory.com/%22}
.savewithhunter.com/	1970-01-20 10:42:16	Name: _gcl_au Value: 1.1.142928952.1672360370
.demdex.net/	1970-01-20 12:51:52	Name: dextp Value: 60-1-1672360369680\|771-1-1672360369782\|903-1-1672360369884\|30646-1-1672360369986\|66757-1-1672360370087
.yahoo.com/	1970-01-20 17:18:37	Name: A3 Value: d=AQABBLIxrmMCED3k7UhJduNen-EUuddutBM&S=AQAAAgdSYXekgZIDiQ-7sITVsb4
.savewithhunter.com/	1970-01-20 10:42:16	Name: _fbp Value: fb.1.1672360370146.1983948661
.doubleclick.net/	1970-01-20 17:54:16	Name: IDE Value: AHWqTUn89zmjOPAEqqTKLLcMe0rm_oT2U-LgGoJ8tfdDdgjx6euyqK2YKlFug2Icozk
.krxd.net/	1970-01-20 12:51:52	Name: _kuid_ Value: PSacGtnS
.savewithhunter.com/	1970-01-20 17:18:16	Name: _pin_unauth Value: dWlkPU1EWmpZVFpoWVdFdFl6Y3dOQzAwWWpnMkxXRTFOR0l0TURKbVpHSmtaVEkyT0dFMg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=47744622031375096380864204111441911474 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
ephemera.mirus.io
hunteremory.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mx-api.prod.mirus.io
nexus.ensighten.com
peachy.prod.mirus.io
s.pinimg.com
savewithhunter.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
104.198.70.133
13.32.110.125
13.32.13.117
13.36.218.177
142.250.186.38
142.251.39.66
15.197.193.217
212.82.100.182
23.62.220.203
2a00:1450:4001:830::2002
2a00:1450:400d:80e::2008
2a02:26f0:dc:388::1931
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a09:8280:1::1ce
34.248.196.211
34.69.219.172
35.244.174.68
52.206.63.211
52.213.181.195
54.229.62.148
54.77.217.9
06b1875cbb40259d83ee7010aef0414e8468ac0e6a393ecb7fe2d8218a4dde64
0e1288fadaca09c3d0b5a1670e4d3a2d0cae97454b0c7db1f7a3f138a1a301ff
25d2679d92c8f86ddf6239fc63c2ab26e557b5c941fe66cb347277decb001054
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3cc5da363d10c71a21ce61a25b353234a80149ca92838224a7871ae9b6215afa
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
50bdf2eb31932be555e98057b9c002131a646b31b4fb74d5356eb50116566840
5389f02a81ad45a824ba23e9441348eab0ba7b4fb88d7f454bcd6aca1e3fd698
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
5d0f0407096d756184fee3329b904656d444a8a256b8fa9948caed8d70c10ece
6058a618c9c3b416237bde3a46e6fa565387486922f8ef08bee5212b17ddff44
65e49dcc7a8fba11017cc3e552433e56a10b0eb4a81d438f0ca13c069bed9355
67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be
6d4507175bd50dd4e6981eb36f6031e758e856a4cd1dd6a328250a8cecc2cb47
6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8c9f1e82876028b59da9901d8cd9701ff2f3882eddd335c65426806a4b8dd02d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91d4d18044938cafcda79399285de057e986613d275ba1170f8b49d3aa1acb06
9810b40a6b9e45fd7e661d8091bf7b007bd3756c4ac5a4ab3065068ef54aa24c
a70ca5dd5754a4557899a2daf477c69ab404e8d0171552ce44e4bdd4d9ea5947
abb7e9ac5a7f60ed0b76e7d5719c50f2b4c547ae2c2bb7ff112280d2d87c26ac
aca4cee6602e87f29877f26284b23e7f7089d4b62c7d45672bd48033e10811d8
ae44d31cfb167aa18df49da25880ecc8e6bade7340c5c040bd94b01250b5ec36
b098d61196ab6d8322a2b36f61ae2c31255e9b41f1d688aad15d83e09728a28f
b3f57098ea41c5d8866350e509924ea48262c2c55e5589acebe8892960784bcb
b55759d450eb372dbc39cc1919efbe56edb401ca7f702ed820d4a07745e91428
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
bfa6f1db39d311f27bf0309ff9ec7dea4fe77603f798542995d9bd5e22fbaed9
c01f8916f5ce061e1f3db0ed92d747e9dedbb3d2b0a0269cb83cb3d4acfd7df9
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
d1d9a865c47c8a40046afb6acb973392ff2d6dc78aacb03526acd3d861f9f226
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
e0c97db3b1e6987649c43bfa9df42f0416573206f7219d1c5afc797eaae7e3cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4926b867bfcbb051a7f56d81554bdad897451bc605f6ee91cae2a657f1cc31e
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f88a7ad615567c66b3a8271d60b4bb550563cc29a42062a1ef550ef37e2511a9

savewithhunter.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

92 %HTTPS

27 %IPv6

18 Domains

25 Subdomains

18 IPs

5 Countries

1237 kBTransfer

2950 kBSize

27 Cookies

38 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

savewithhunter.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

92 %
HTTPS

27 %
IPv6

18
Domains

25
Subdomains

18
IPs

5
Countries

1237 kB
Transfer

2950 kB
Size

27
Cookies

63 HTTP transactions
0 data transactions