adamdeckerinsurance.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://defianceinsurance.com/
Effective URL:
https://adamdeckerinsurance.com/
Submission Tags: shiny
Submission: On August 10 via manual (August 10th 2022, 7:37:18 am UTC) from JP — Scanned from JP

Summary HTTP 64 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 64 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is adamdeckerinsurance.com.
TLS certificate: Issued by R3 on July 14th 2022. Valid for: 3 months.

This is the only time adamdeckerinsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2a09:8280:1::1ce 2a09:8280:1::1ce	40509 (FLY) (FLY)
4	13.32.50.49 13.32.50.49	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 7	52.196.162.199 52.196.162.199	16509 (AMAZON-02) (AMAZON-02)
1	52.199.15.7 52.199.15.7	16509 (AMAZON-02) (AMAZON-02)
2	63.140.50.163 63.140.50.163	16509 (AMAZON-02) (AMAZON-02)
1 1	52.76.23.126 52.76.23.126	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 3	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
2 6	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:810::2008	15169 (GOOGLE) (GOOGLE)
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1 1	100.24.249.189 100.24.249.189	14618 (AMAZON-AES) (AMAZON-AES)
1	52.39.110.34 52.39.110.34	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.31.134 172.217.31.134	15169 (GOOGLE) (GOOGLE)
2	2600:140b:2:9... 2600:140b:2:9a5::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.35.45.57 13.35.45.57	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	18.178.22.21 18.178.22.21	16509 (AMAZON-02) (AMAZON-02)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2404:6800:400... 2404:6800:400a:805::2002	15169 (GOOGLE) (GOOGLE)
3	23.207.172.239 23.207.172.239	16625 (AKAMAI-AS) (AKAMAI-AS)
64	18

3 34.69.219.172 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

defianceinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adamdeckerinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

mx-api.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a09:8280:1::1ce (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.50.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-49.nrt57.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.196.162.199 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.15.7 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-15-7.ap-northeast-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.50.163 (United States)

ASN16509 (AMAZON-02, US)

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.23.126 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-23-126.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.26.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:810::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore, Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.249.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.110.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-110-34.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.31.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f6.1e100.net

11264551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:2:9a5::1931 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.45.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-45-57.nrt20.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.22.21 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:805::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.207.172.239 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-172-239.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	mirus.io mx-api.prod.mirus.io — Cisco Umbrella Rank: 186678 peachy.prod.mirus.io — Cisco Umbrella Rank: 100412 Failed ephemera.mirus.io — Cisco Umbrella Rank: 104440	689 KB
8	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 381 js.adsrvr.org — Cisco Umbrella Rank: 1298 insight.adsrvr.org — Cisco Umbrella Rank: 619	7 KB
8	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 188 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 3976	10 KB
5	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 208 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 103636	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	205 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2503	71 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 763	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	514 B
3	yahoo.com 3 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 774 ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 756	20 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1229 beacon.krxd.net — Cisco Umbrella Rank: 502	529 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 309	511 B
2	statefarm.com smetrics.statefarm.com — Cisco Umbrella Rank: 35380	2 KB
2	defianceinsurance.com 1 redirects defianceinsurance.com	1 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 98	494 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	916 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	67 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 816	517 B
1	adamdeckerinsurance.com adamdeckerinsurance.com	55 KB
64	19

	Domain	Requested by
21	ephemera.mirus.io	adamdeckerinsurance.com
7	dpm.demdex.net	1 redirects adamdeckerinsurance.com
5	match.adsrvr.org	2 redirects js.adsrvr.org
5	connect.facebook.net	adamdeckerinsurance.com connect.facebook.net defianceinsurance.com
4	nexus.ensighten.com	adamdeckerinsurance.com nexus.ensighten.com
3	ct.pinterest.com	s.pinimg.com
3	www.facebook.com
3	cm.g.doubleclick.net	3 redirects
3	peachy.prod.mirus.io	mx-api.prod.mirus.io ephemera.mirus.io
2	ups.analytics.yahoo.com	2 redirects
2	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
2	s.pinimg.com	defianceinsurance.com s.pinimg.com
2	11264551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	idsync.rlcdn.com	2 redirects
2	smetrics.statefarm.com	nexus.ensighten.com defianceinsurance.com
2	defianceinsurance.com	1 redirects
1	adservice.google.com	11264551.fls.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	www.googletagmanager.com	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	adamdeckerinsurance.com	defianceinsurance.com
1	mx-api.prod.mirus.io	defianceinsurance.com
64	27

This site contains links to these domains. Also see Links.

Domain
proofing.statefarm.com
www.facebook.com
www.google.com
apps.statefarm.com
www.statefarm.com
financials.statefarm.com
www.youtube.com
static1.st8fm.com
americanpetinsurance.com
itunes.apple.com
play.google.com
es.statefarm.com

Subject Issuer	Validity	Valid
defianceinsurance.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
mx-api.prod.mirus.io R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
adamdeckerinsurance.com R3	`2022-07-14` - `2022-10-12`	3 months	crt.sh
peachy.prod.mirus.io R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
ephemera.mirus.io R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2022-01-25` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://adamdeckerinsurance.com/
Frame ID: F0F76F1090CDEA09830A36D456FFD5D5
Requests: 47 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: EB25ED92B2FDB6F24B46B2C02457F811
Requests: 6 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F
Frame ID: EB84001A117BF48E85B58B775635DAB4
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fadamdeckerinsurance.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: AC74BEEE828AE23D867E04D01D5DFC8B
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-8295411e7deb&google_gid=CAESEOiEYU2CzZOMAS-gOzEe38w&google_cver=1
Frame ID: DFC65E080D0B21647DD77F21CFD28F97
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oSKA1MNE2uKoRHIBxwP340Dx5XsbvTQ-~A&gdpr=0&gdpr_consent=
Frame ID: A6F914742439E908679CD8A8BDD50937
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 8E8048D7D5F6E477BF8E103811171C89
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6043A1FB6FF7860CE5D2FB09ADC20E44
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 8CDAB2F290EB4D6056801EFE45FC6AF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Glenwood Springs CO State Farm Insurance Agent Adam Decker

Page URL History Show full URLs

http://defianceinsurance.com/ HTTP 301
https://defianceinsurance.com/ Page URL
https://adamdeckerinsurance.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

64
Requests

88 %
HTTPS

25 %
IPv6

19
Domains

27
Subdomains

18
IPs

4
Countries

1129 kB
Transfer

2651 kB
Size

35
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://proofing.statefarm.com/login-interceptor/login?agentAssociateId=MR6389YR7AL
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/100727979255734

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=39.536216%2C-107.324746&query_place_id=ChIJ-Q-7YJgJQYcR5RBBvpFvvxU
Title: Location Map & Directions

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/lite-auth/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote?agentAssociateId=MR6389YR7AL
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/auto/resources/auto-insurance-checklist?agentAssociateId=MR6389YR7AL
Title: Items needed for a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim?agentAssociateId=MR6389YR7AL
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do?agentAssociateId=MR6389YR7AL
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/protect-your-vehicle-from-gas-theft?agentAssociateId=MR6389YR7AL
Title: Protect your vehicle from gas theft Protect your vehicle from gas theft Check out these tips to keep thieves from stealing gas from your vehicle. Read More

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/retirement/cashing-out-your-401k?agentAssociateId=MR6389YR7AL
Title: Cashing out your 401k Cashing out your 401k Considering a pre-retirement 401k withdrawal? Find out if you may be subject to a tax penalty for cashing out a 401k. Read More

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/financial/set-small-goals?agentAssociateId=MR6389YR7AL
Title: Set small goals to make big wins Set small goals to make big wins Saving for that big goal can be overwhelming. So break it in to bite-sized tasks that give you wins along the way. Read More

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/?agentAssociateId=MR6389YR7AL
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=-a2G3XCqNdk
Title: Commercial Breaks

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/CommercialBreaks.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=HbOVI0adziQ
Title: Color Full Lives

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=kz85XukQBaA
Title: Tonya Rapley

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qzVL-MzpdCU
Title: Color Full Lives with Angela Yee

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/ColorFullLiveswithAngelaYee.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: http://americanpetinsurance.com/
Title: AmericanPetInsurance.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/pet
Title: Pet Insurance From State Farm® and Trupanion®.

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads?agentAssociateId=MR6389YR7AL
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security?agentAssociateId=MR6389YR7AL
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement?agentAssociateId=MR6389YR7AL
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use?agentAssociateId=MR6389YR7AL
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy?agentAssociateId=MR6389YR7AL
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights?agentAssociateId=MR6389YR7AL
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

URL: https://es.statefarm.com/agent/us/co/glenwood-springs/adam-decker-mr6389yr7al
Title: Cambiar al Español

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://defianceinsurance.com/ HTTP 301
https://defianceinsurance.com/ Page URL
https://adamdeckerinsurance.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://defianceinsurance.com/ HTTP 301
https://defianceinsurance.com/

Request Chain 16

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1660117035107 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1660117035107

Request Chain 30

https://cm.everesttech.net/cm/dd?d_uuid=59848706633073465953813447927434859684 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvNgKwAAAITHvgN-

Request Chain 31

https://idsync.rlcdn.com/365868.gif?partner_uid=59848706633073465953813447927434859684 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTk4NDg3MDY2MzMwNzM0NjU5NTM4MTM0NDc5Mjc0MzQ4NTk2ODQQABoNCKvAzZcGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=dc3b306da713dbd2fa72f622b295709c357c2c0462fffae9f250bb690ac262e5b0da87c991749652

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTk4NDg3MDY2MzMwNzM0NjU5NTM4MTM0NDc5Mjc0MzQ4NTk2ODQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTk4NDg3MDY2MzMwNzM0NjU5NTM4MTM0NDc5Mjc0MzQ4NTk2ODQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJprSfM-pnzdImMSeaAI94&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 33

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2ea60e11-d100-4aea-bbc7-8295411e7deb

Request Chain 38

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=59848706633073465953813447927434859684&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Kuri6atE2pF.h8uLNP_dmwhrDrHpch7.oXA-~A

Request Chain 42

https://usermatch.krxd.net/um/v2?partner=adobe&id=59848706633073465953813447927434859684 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=59848706633073465953813447927434859684

Request Chain 43

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F HTTP 302
https://11264551.fls.doubleclick.net/activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MmVhNjBlMTEtZDEwMC00YWVhLWJiYzctODI5NTQxMWU3ZGVi&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-8295411e7deb HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-8295411e7deb&google_gid=CAESEOiEYU2CzZOMAS-gOzEe38w&google_cver=1

Request Chain 54

https://ups.analytics.yahoo.com/ups/55953/sync?uid=2ea60e11-d100-4aea-bbc7-8295411e7deb&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=2ea60e11-d100-4aea-bbc7-8295411e7deb&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oSKA1MNE2uKoRHIBxwP340Dx5XsbvTQ-~A&gdpr=0&gdpr_consent=

Request Chain 55

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ea60e11-d100-4aea-bbc7-8295411e7deb&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
defianceinsurance.com/
Redirect Chain

http://defianceinsurance.com/
https://defianceinsurance.com/

2 KB
1 KB

447ms
151ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://defianceinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: /
Resource Hash: 16fb118919205925052c855afdaa9c8b27b598dca09b04662195e1c042d089b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 10 Aug 2022 07:37:13 GMT
vary: origin,accept-encoding
x-cheesecrd-backend: mx-api
x-cheesecrd-lookup: master:defianceinsurance.com/
x-cheesecrd-path: /

Redirect headers

content-length: 0
location: https://defianceinsurance.com/

GET
H2 200 peachy-client
mx-api.prod.mirus.io/ 65 KB
20 KB 606ms
144ms Script
text/html 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mx-api.prod.mirus.io/peachy-client

Requested by

Host: defianceinsurance.com
URL: https://defianceinsurance.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://defianceinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:14 GMT
content-encoding: gzip
vary: origin,accept-encoding
cache-control: no-cache
access-control-expose-headers: WWW-Authenticate,Server-Authorization
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H2 200 Primary Request / Show response
adamdeckerinsurance.com/ 284 KB
55 KB 686ms
275ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adamdeckerinsurance.com/
Requested by: Host: defianceinsurance.com
URL: https://defianceinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b0767148ae36034ef04c1540828ef20e17994ced3a07d6f3b0daff4d2d7459d4

Request headers

Referer: https://defianceinsurance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-cache, max-age=30
content-encoding: gzip
content-length: 55362
content-type: text/html
date: Wed, 10 Aug 2022 07:37:14 GMT
etag: "19896556d9f56e13f94f3eb733e7134e"
expires: Wed, 10 Aug 2022 07:37:44 GMT
last-modified: Tue, 09 Aug 2022 20:06:50 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:adamdeckerinsurance.com/
x-cheesecrd-path: /
x-goog-generation: 1660075610467715
x-goog-hash: crc32c=xTVzfg== md5=GYllVtn1bhP5Tz63M+cTTg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 55362
x-guploader-uploadid: ADPycdskekNzHgETJVsWWLSwbfUkw7vatM5ewWtlOOJVcjMGcCfbDzmE_P-4CLcnSAawj7IGOrnKOsCPp4aSpdVwgTEXjDosMJM4

POST pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ 0
0

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame 0
0 563ms
142ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://defianceinsurance.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://defianceinsurance.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Wed, 10 Aug 2022 07:37:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 resize
ephemera.mirus.io/img/ 48 KB
49 KB 270ms
185ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fbanners%2Fmx-pre-approved%2Fm1_web_59092223.jpg

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

26a3de92201d66099b227034486c53d8e7e76ff2a275c51b2e9744eb6dbcef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 49370
x-frontend: cbb51b06
fly-request-id: 01GA3AZA2V7HEM9KAW8H13SZMF-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fbanners%2Fmx-pre-approved%2Fm1_web_59092223.jpg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 79f08f02
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Mon, 08 Aug 2022 15:54:52 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 76 KB
24 KB 87ms
5ms Script
application/javascript 13.32.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-49.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f40662775ade8d9298d15ee680b57e32dd642d8bce6bab9481bf8aae0fa9bbd0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 17:07:20 GMT
content-encoding: br
age: 484196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 17:06:44 GMT
server: AmazonS3
etag: W/"df2dd98363d8fbbf453cec3dbc6307e0"
vary: Accept-Encoding
x-amz-version-id: LHwEvcr1oUqlSvOYPLjOK0FpOQsj__qu
via: 1.1 c05fb02176b8b832bff0feeba4ace242.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: NRT57-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: CIS3j92B3tSJHb0n_M1xaMXfdgCcTKVIBNsG-JolRMK9A84v3XpRXA==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 17ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

735702a677dde3f8475e3e177dbb4cb07c2c4270e466fb14abefd8f29fac5633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: msrBjG86z6NYTFjlaOV0gw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: Fy3uoJKSSaXBDd/iQWSse+0RG1BwrQExd+NgplZWWKL4Fb3QlM0n+YKsf48UQBIkPEfmo1g115OfKzm9sVgn9A==
x-fb-trip-id: 382461245
x-fb-content-md5: d4395f64c6670ec401e829d05ff157ca
x-frame-options: DENY
date: Wed, 10 Aug 2022 07:37:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d36f56bc497648b8c2774ba63f4e0fc1"
timing-allow-origin: *
priority: u=1,i
expires: Wed, 10 Aug 2022 07:39:16 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/ 31 KB
32 KB 229ms
148ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-amz-request-id: 5PZXK6GYVPF2V0TM
x-cache-status: HIT
x-region: dfw
content-length: 32208
x-amz-id-2: PR3douP4D0xIQNjsyVl10e6qT0o+5+DpcnJ0/LkUNa9eU1TxVmz6KDLbUSgW6zPkscV8twcwxuQ=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:54 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-SemiBold.woff2
fly-request-id: 01GA3AZA2TW65VY7DK08S04G43-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 79f08f02
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:52 GMT

GET
H2 200 SourceSansPro-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/ 74 KB
74 KB 257ms
181ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/SourceSansPro-Regular.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: efad32cb9672046cc1717bc9755aa113ae24f3ca3e574b081f41719d5f5ceb09

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "b0be5ec231f9b109606178d44be74465"
x-amz-request-id: 3BCQQJVTMT3JTSSE
x-cache-status: HIT
x-region: dfw
content-length: 75808
x-amz-id-2: +jPa4mhitKES97HMzbjLq3tL3sayK6KUFSn3nr4qRZwNTZEcxgZAiA/yE5hGwwc3FcmUQH0aLPs=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:50 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/SourceSansPro-Regular.woff2
fly-request-id: 01GA3AZA2TK1VRY34NQSRDYH48-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: e9eb9dad
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:48 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 67 KB
67 KB 265ms
191ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fbanners%2Fmx-pre-approved%2Fm1_web_59092223.jpg

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

8f5d9d4890bbd639db154701d7dfe1e70c5544b368e4470d4a4a83001c24dbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 68318
x-frontend: cbb51b06
fly-request-id: 01GA3AZA2VBZYHGCDGDX8WX0N1-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fbanners%2Fmx-pre-approved%2Fm1_web_59092223.jpg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 79f08f02
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Tue, 16 Aug 2022 20:36:49 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 9 KB
9 KB 252ms
178ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FMR6389YR7AL_agent_avatar_20220304T162903Z_adamdeckerinsurance_com_9boi2ey6h9.jpeg

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

899cc03ce3f490c1341866160d9db339721f42dd4b7c0f6c4c81208deaf3eae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 9256
x-frontend: cbb51b06
fly-request-id: 01GA3AZA2V1567SCA8YD2416B2-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FMR6389YR7AL_agent_avatar_20220304T162903Z_adamdeckerinsurance_com_9boi2ey6h9.jpeg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 79f08f02
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Fri, 12 Aug 2022 17:09:01 GMT

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/ 31 KB
31 KB 228ms
160ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "7cc9632b9df119aed25a6812b1c59569"
x-amz-request-id: 5PZNA8Y7N9Z1KG10
x-cache-status: HIT
x-region: dfw
content-length: 31812
x-amz-id-2: p5yqXs88EkuS8kISGekVgqWg5HvXsWi84Sh3OMuVnxs34tcRkoBDozs65RD7fwKEmmYNU2kjFC0=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:52 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-Bold.woff2
fly-request-id: 01GA3AZA2TYX7YS74GNFMDE9E5-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: cbb51b06
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:51 GMT

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/ 31 KB
32 KB 218ms
150ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "45568a98b8085b944e9b8c47a2947646"
x-amz-request-id: 5PZVKZTBSEEY9CA3
x-cache-status: HIT
x-region: dfw
content-length: 31948
x-amz-id-2: och/kF3Q9mFxHkWDT+pVMdXDAQbspzzVmow/hCgGU6mX/B7CgcxvSzqF/BUmTFsIYgwcnP/G5kU=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:53 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-Regular.woff2
fly-request-id: 01GA3AZA2TQVMXX7VX1TNWCW2Q-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: e9eb9dad
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:52 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 3ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cb371edffebd8a5047b44cdd7d4ce66c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1769c518c56bb8d5dcabeab076b95f868ab83ed3c4f50d05ddee1a4a29a1bc1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4oV3vgUU6p6PrzybVXGTlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87847
x-fb-rlafr: 0
x-fb-debug: h+sScPPZjr6+4jVeFqGd2GBrkl+QkgatBMUFAsNejjwoF/2mh9WWXM5F6znTiboY/gLwuKQiSFZojlGSWxjpqQ==
x-fb-trip-id: 382461245
x-fb-content-md5: 4161b124ab93457bb496d369a6f08cfc
x-frame-options: DENY
date: Wed, 10 Aug 2022 07:37:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5cd2e78f373a0e85f7f0d2df4f6bc988"
timing-allow-origin: *
expires: Thu, 10 Aug 2023 07:15:30 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 38 KB
38 KB 148ms
148ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?height=384&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FMR6389YR7AL_mission_tab_images_20220726150001Z_adamdeckerinsurance_com_alkyziylze.jpeg

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

a8a0ada2b60f76ca952740d90b0ae94bd12f11f540bd98b115ce7f05b6c42dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: STALE
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 38594
x-frontend: cbb51b06
fly-request-id: 01GA3AZA2YSX3F1FJ5PQR1GMPH-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?height=384&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FMR6389YR7AL_mission_tab_images_20220726150001Z_adamdeckerinsurance_com_alkyziylze.jpeg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: e9eb9dad
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Wed, 03 Aug 2022 15:27:38 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 37 KB
37 KB 166ms
166ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

100ebc65f0bff28b93cbbf4ed5463986ff9ab738137c032122ce107c0a91a191

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 37722
x-frontend: cbb51b06
fly-request-id: 01GA3AZA2YXJQBYXK3TWXS0EPW-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?height=384&type=auto&url=https%3A%2F%2Fs3.amazonaws.com%2Fnakala.mirus.io%2Fm1%2Fapprovals%2Faccepted%2FMR6389YR7AL_mission_tab_images_20220721181700Z_adamdeckerinsurance_com_hszkujvlwm.jpeg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 79f08f02
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Thu, 11 Aug 2022 17:16:57 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1660117035107
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1660117035107

1 KB
1 KB

7ms
6ms

XHR
application/json

52.196.162.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1660117035107

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

HTTP/1.1

Server

52.196.162.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

9217cf0e2b5960266245f93f0964abd1e067c75142046681000c845c5be02234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v036-0db8b8ff3.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hTEvwzJfQZ8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://adamdeckerinsurance.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 631
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-tyo3-1-v036-02d0e643e.edge-tyo3.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://adamdeckerinsurance.com
X-TID: gju+ukxUTy8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1660117035107
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/ 31 KB
32 KB 163ms
163ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-amz-request-id: 5PZMQAN2TXM3TA53
x-cache-status: HIT
x-region: dfw
content-length: 32200
x-amz-id-2: wNHjIkg53dGtdBxJZgCi0V728sQS0P39PXDEzx3P+HGpbsVqXStqIpGHHC8zuGpJZNHsJpQV5BU=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:53 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleSans-Medium.woff2
fly-request-id: 01GA3AZA3CKTF5JAMSKK90K8X7-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: e9eb9dad
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:52 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 392 B
695 B 19ms
19ms Script
text/javascript 13.32.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Aug%2004%2017:06:41%20GMT%202022&ClientID=603&PageID=https%3A%2F%2Fadamdeckerinsurance.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-49.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: 19e1e92b28231a69431c72b59596acbc8aa6475413354497bf8c73efee57d1db

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 1.1 c05fb02176b8b832bff0feeba4ace242.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT57-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 392
x-amz-cf-id: nFONek6vVN23eXo7LkPsvXkXVKGyoScioJxfNypG5Q0yt2SeTIpq6A==
expires: Wed, 10 Aug 2022 07:37:14 GMT

GET
H2 200 quoteForm.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/ 98 KB
45 KB 178ms
177ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/quoteForm.js
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: f0ce04714ed55b284b3a862b5fd10bf57cd15f8154359d2ec85c928c30cc3836

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
content-encoding: gzip
etag: "be76171eda7dda27bc96d934502c1ad9"
x-amz-request-id: PDCKGPT8F7FMXSS1
x-cache-status: HIT
x-region: dfw
x-amz-id-2: wOrwM6MDvNDYc3TI10aYdQWAX5xDHqBJYWKtLKcLnDBfJRIe/H+4M7zfptEdHAKYbgG5BxiGZyY=
access-control-allow-origin: *
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:57 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/quoteForm.js
fly-request-id: 01GA3AZA3SF36JC7PNM464H5P8-nrt
content-type: application/javascript
via: 2 fly.io
cache-control: public,max-age=31536000,immutable
x-instance: e9eb9dad
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:56 GMT

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/ 289 B
530 B 178ms
178ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/scrollToElement.js
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: bc9a63b3e86121f1fbe5fcf828c4668555e849af8d6434e72679c224015b33c6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
content-encoding: gzip
etag: "33eecf1515bd28dd9266412ca819d8a1"
x-amz-request-id: 97FNHP2PPW382PGJ
x-cache-status: HIT
x-region: dfw
x-amz-id-2: m4HY0Mv4/zchESDXEMgSgVI7gDj3IWXZhPwvIB4SiVZK9ObA6KR+2dPAiNvo4JL9JfGuzoxImcs=
access-control-allow-origin: *
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:57 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/scrollToElement.js
fly-request-id: 01GA3AZA3SDV7WBKXA9MY2WG04-nrt
content-type: application/javascript
via: 2 fly.io
cache-control: public,max-age=31536000,immutable
x-instance: e9eb9dad
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:56 GMT

GET
H2 200 contactForm.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/ 251 KB
102 KB 177ms
177ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/contactForm.js
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: 349a7f3df380983f177bbcc2f861306e6f66a25f351c3b32400331c8a11542e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
content-encoding: gzip
etag: "c3f1061d4316299d98a9ea0d5650c597"
x-amz-request-id: 97FTPSK3P5ATMTVF
x-cache-status: HIT
x-region: dfw
x-amz-id-2: GdH4G7g7kOWgEmUIs6Xsbwcrxjn2GBQGOfpIcioA51LmenX8KvIjjME/cReQMQt9cK4sN2Zprz8=
access-control-allow-origin: *
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:57 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/contactForm.js
fly-request-id: 01GA3AZA3SH8YMWH4Z8N3B05F2-nrt
content-type: application/javascript
via: 2 fly.io
cache-control: public,max-age=31536000,immutable
x-instance: cbb51b06
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:56 GMT

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/ 32 KB
33 KB 574ms
574ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "5c321170479a815ab790c771bcc8f1d3"
x-amz-request-id: 5PZZ8V013M39M5ZF
x-cache-status: HIT
x-region: dfw
content-length: 32960
x-amz-id-2: SzphcLU47ERrbbGMTONcG2uoE5/3eR2y4Pv3wdgVNGFSuvFGnjtllM0xNn8VHz/BKO7R6st7PZs=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:52 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleLegal-Medium.woff2
fly-request-id: 01GA3AZA3YY6XCE5K8B1SMA84M-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: 79f08f02
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:51 GMT

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/ 32 KB
32 KB 574ms
574ms Font
font/woff2 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer: https://adamdeckerinsurance.com/
Origin: https://adamdeckerinsurance.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-amz-request-id: 5PZGK6E277HG1YHM
x-cache-status: HIT
x-region: dfw
content-length: 32844
x-amz-id-2: ZPiLSPQfnnvxifwtwtBeysD4dx+GlvqiWvh7goIrIdQXbu/eNZI7lkHy3BGACjKuBywdg3i2yFY=
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:52 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/fonts/sf/MecherleLegal-Regular.woff2
fly-request-id: 01GA3AZA3ZM6Q2JA7GZ6E321HP-nrt
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-instance: e9eb9dad
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:51 GMT

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/ 41 KB
21 KB 184ms
184ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/alpine.js
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: 41f8cb4bff704f778c7ae4091174a5f46f2ea1b7c68336d3fdf92cd02da37140

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
content-encoding: gzip
etag: "951b190403d087fc66ef17ddd8969837"
x-amz-request-id: 97FT8H1DK41CQSYS
x-cache-status: HIT
x-region: dfw
x-amz-id-2: GMe4AMcIGDrEIEofrfYyqDJpYXdbkCO1Vd4a+Qrt7Ib2tdoGasaBgk1Fhy+QifVvrGhKzQuDSSU=
access-control-allow-origin: *
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:57 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/alpine.js
fly-request-id: 01GA3AZA41275MSTCG34F34821-nrt
content-type: application/javascript
via: 2 fly.io
cache-control: public,max-age=31536000,immutable
x-instance: 79f08f02
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:56 GMT

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/ 3 KB
2 KB 168ms
168ms Script
application/javascript 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/utils.js
Requested by: Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/cd446256 (2022-08-09) /
Resource Hash: 3cc5da363d10c71a21ce61a25b353234a80149ca92838224a7871ae9b6215afa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
content-encoding: gzip
etag: "bbde491116a2cc79bbe35118dc511709"
x-amz-request-id: HK5YE65V7KJ30XBK
x-cache-status: HIT
x-region: dfw
x-amz-id-2: eTa87mdpzFotu1NbEisfNRCOv/oc3+/q61/+gD5DyUNFdbfAGKzjItbMqPSKVtuZ+VvcpNAZUOE=
access-control-allow-origin: *
x-frontend: cbb51b06
last-modified: Wed, 03 Aug 2022 21:53:57 GMT
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/utils.js
fly-request-id: 01GA3AZA42R5FKXMMAA6ZA9R6Z-nrt
content-type: application/javascript
via: 2 fly.io
cache-control: public,max-age=31536000,immutable
x-instance: cbb51b06
accept-ranges: bytes
x-git-sha: 1be24179
expires: Thu, 03 Aug 2023 21:53:56 GMT

GET
H2 200 ca309200c8ca845188b41081013f1efd.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 161 KB
45 KB 12ms
11ms Script
application/javascript 13.32.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/ca309200c8ca845188b41081013f1efd.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-49.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0239f7cd0376855c4093e2835c105dc753ef4115c3fd1fe6bca6f169640783bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 17:07:23 GMT
content-encoding: br
age: 484193
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 17:06:44 GMT
server: AmazonS3
etag: W/"225846d5a6e550a7dd453d62724e3a8b"
vary: Accept-Encoding
x-amz-version-id: g.3IHTlNkjlUhLikh4hd75bBW3Ph0F3k
via: 1.1 c05fb02176b8b832bff0feeba4ace242.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: NRT57-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 3JzQ56BeRL2k9pnqW8kRGN6mO1W-77ltMDqbBzJiZiclqcnthA2FMA==

GET
H2 200 37a6eb7558cd7caddabc4d41df02ff83.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 7ms
7ms Script
application/javascript 13.32.50.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/37a6eb7558cd7caddabc4d41df02ff83.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-49.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:41:52 GMT
content-encoding: gzip
age: 64523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Apr 2022 21:38:02 GMT
server: AmazonS3
etag: W/"f95e7ee6badef0644c8fa8b201a00dd2"
vary: Accept-Encoding
x-amz-version-id: ksB7VnQR_K2AakdQJaGQv2loxEAMmlpZ
via: 1.1 c05fb02176b8b832bff0feeba4ace242.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: NRT57-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Liy3GQQ3iU01pA98B5j1J52cd-iWmS6hTc3y7_6E1ZAUSF2gpSWj5w==

GET
H/1.1 200
OK dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame EB25 7 KB
3 KB 104ms
7ms Document
text/html 52.199.15.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.199.15.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-15-7.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://adamdeckerinsurance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-tyo3-1-v036-0d4faa54f.edge-tyo3.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: QcZUaMhyT7I=
content-encoding: gzip
date: Wed, 10 Aug 2022 07:37:15 GMT
last-modified: Wed, 3 Aug 2022 11:54:02 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
470 B 393ms
11ms XHR
application/x-javascript 63.140.50.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=64002372712264195834553327671950024568&ts=1660117035353

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.163 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

d6864e05a04774ab84017fb1d612adec5a15cd1998a109ff3f0864432471dff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adamdeckerinsurance.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://adamdeckerinsurance.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YvNgKwAAAITHvgN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=59848706633073465953813447927434859684
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvNgKwAAAITHvgN-

42 B
942 B

10ms
9ms

Image
image/gif

52.196.162.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvNgKwAAAITHvgN-

Requested by

Host: adamdeckerinsurance.com
URL: https://adamdeckerinsurance.com/

Protocol

HTTP/1.1

Server

52.196.162.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v036-05abf4f08.edge-tyo3.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xYJecV0TQWU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvNgKwAAAITHvgN-
Date: Wed, 10 Aug 2022 07:37:15 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=dc3b306da713dbd2fa72f622b295709c357c2c0462fffae9f250bb690ac262e5b0da87c991749652
dpm.demdex.net/ Frame EB25
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=59848706633073465953813447927434859684
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTk4NDg3MDY2MzMwNzM0NjU5NTM4MTM0NDc5Mjc0MzQ4NTk2ODQQABoNCKvAzZcGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=dc3b306da713dbd2fa72f622b295709c357c2c0462fffae9f250bb690ac262e5b0da87c991749652

42 B
942 B

12ms
12ms

Image
image/gif

52.196.162.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=dc3b306da713dbd2fa72f622b295709c357c2c0462fffae9f250bb690ac262e5b0da87c991749652

Protocol

HTTP/1.1

Server

52.196.162.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v036-0c5928bdf.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nhnDt9zZTPQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=dc3b306da713dbd2fa72f622b295709c357c2c0462fffae9f250bb690ac262e5b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEFJprSfM-pnzdImMSeaAI94&google_cver=1
dpm.demdex.net/ Frame EB25
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTk4NDg3MDY2MzMwNzM0NjU5NTM4MTM0NDc5Mjc0MzQ4NTk2ODQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTk4NDg3MDY2MzMwNzM0NjU5NTM4MTM0NDc5Mjc0MzQ4NTk2ODQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJprSfM-pnzdImMSeaAI94&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

12ms
10ms

Image
image/gif

52.196.162.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJprSfM-pnzdImMSeaAI94&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.196.162.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v036-06e7124a7.edge-tyo3.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yfS/YN4XTiE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 07:37:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJprSfM-pnzdImMSeaAI94&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=2ea60e11-d100-4aea-bbc7-8295411e7deb
dpm.demdex.net/ Frame EB25
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2ea60e11-d100-4aea-bbc7-8295411e7deb

42 B
942 B

11ms
10ms

Image
image/gif

52.196.162.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=2ea60e11-d100-4aea-bbc7-8295411e7deb

Protocol

HTTP/1.1

Server

52.196.162.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v036-0d146ea44.edge-tyo3.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MSZaGCuDT2c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 07:37:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=2ea60e11-d100-4aea-bbc7-8295411e7deb
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 381 KB
67 KB 123ms
70ms Script
application/javascript 2404:6800:4004:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c40d033981e8484e9b2ff6469f614ef90edbfe4edd42627337d13643205d1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68064
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Aug 2022 07:37:15 GMT

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 80 B
330 B 143ms
142ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: ephemera.mirus.io
URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/56026b9e035baa991a2ab736069f1fc08beb5a96/js/quoteForm.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

10894bf2b92e4a446eb9bf3e2084b91713374a301322d65516c543ba6919c50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://adamdeckerinsurance.com/
keen-sdk: javascript-5.0.1
accept-language: jp-JP,jp;q=0.9
Authorization: WK
Content-Type: application/json

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://adamdeckerinsurance.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 80

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 139ms
139ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://adamdeckerinsurance.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://adamdeckerinsurance.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Wed, 10 Aug 2022 07:37:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 s43712736776926 Show response
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 1 KB
1 KB 19ms
19ms Script
application/x-javascript 63.140.50.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s43712736776926?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=10%2F7%2F2022%207%3A37%3A15%203%200&d.&nsid=0&jsonv=1&.d&D=..&mid=64002372712264195834553327671950024568&aamlh=11&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al&g=https%3A%2F%2Fadamdeckerinsurance.com%2F&r=https%3A%2F%2Fdefianceinsurance.com%2F&ch=sf%3Aus%3Aagent-micro-m2-lan&server=adamdeckerinsurance.com&events=event44&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-m2-lan%3Amr6389yr7al&h1=home%7Cagent-micro-m2-lan%7Cmr6389yr7al&c4=sf%3Aagent-micro-m2-lan%3Amr6389yr7al&v6=adamdeckerinsurance.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fadamdeckerinsurance.com%2F&v26=%2B1&v32=referring%20domains&v37=%2B1&c38=en&v38=wednesday%7C2%3A30am&v50=8%2F10%2F2022&v52=..c16&v53=r%7Cdefianceinsurance.com&v54=n%2Fa&v55=referring%20domains&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F104.0.5112.79%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: defianceinsurance.com
URL: https://defianceinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.163 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

74e0648d14616401412d2524c3d01eca194f54155c833194cebea9d123671fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-aam-tid: M+jvc3KEREw=
date: Wed, 10 Aug 2022 07:37:15 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
vary: *
content-length: 1079
x-xss-protection: 1; mode=block
dcs: dcs-prod-tyo3-1-v036-0ee2d7a60.edge-tyo3.demdex.com 4 ms
pragma: no-cache
last-modified: Thu, 11 Aug 2022 07:37:15 GMT
server: jag
etag: 3565074186881859584-4619391917705757100
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 09 Aug 2022 07:37:15 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame EB25
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=59848706633073465953813447927434859684&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Kuri6atE2pF.h8uLNP_dmwhrDrHpch7.oXA-~A

42 B
942 B

7ms
7ms

Image
image/gif

52.196.162.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Kuri6atE2pF.h8uLNP_dmwhrDrHpch7.oXA-~A

Protocol

HTTP/1.1

Server

52.196.162.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-162-199.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v036-02d0e643e.edge-tyo3.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: q6rE0XWbT0w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 10 Aug 2022 07:37:16 GMT
via: http/1.1 spdc0101.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Kuri6atE2pF.h8uLNP_dmwhrDrHpch7.oXA-~A
content-length: 0

GET
H2 200 resize
ephemera.mirus.io/img/ 5 KB
5 KB 149ms
146ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fad%2Fadamdeckerinsurance.com%2Fadamdeckerinsurance.com-sidebar-md-c0c7198908574082b25ca77b2d30a5b7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

7d00026d67cde5da6a3c5bcb7a95cb9bd70abf7118738d743579cd5bb78d695e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 4744
x-frontend: cbb51b06
fly-request-id: 01GA3AZAT59Q8EEPVTPJQPPZ4R-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fad%2Fadamdeckerinsurance.com%2Fadamdeckerinsurance.com-sidebar-md-c0c7198908574082b25ca77b2d30a5b7.png
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: cbb51b06
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Thu, 11 Aug 2022 17:16:58 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 5 KB
5 KB 155ms
153ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2F583-protect-gas-theft-wide.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

ee7629077a1f2ea339715fee0a0f0e17c3ab9a006d51a3cd677d9210e3f33cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 4846
x-frontend: cbb51b06
fly-request-id: 01GA3AZAT5WENGMHV4QZPPN0FH-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2F583-protect-gas-theft-wide.jpg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 79f08f02
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Mon, 08 Aug 2022 02:54:39 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 19 KB
19 KB 148ms
147ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2F284-cash-out-401k-wide.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

1457dc652a8fc92e5d20eee57d1a58fdad46be32ad237f6c8c241fb24d7302ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:15 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 19190
x-frontend: cbb51b06
fly-request-id: 01GA3AZAT65XBN6KH1HCFFDY7E-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2F284-cash-out-401k-wide.jpg
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: cbb51b06
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Wed, 10 Aug 2022 18:28:45 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame EB25
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=59848706633073465953813447927434859684
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=59848706633073465953813447927434859684

0
337 B

515ms
114ms

Image
text/plain

52.39.110.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=59848706633073465953813447927434859684
Protocol: H2
Server: 52.39.110.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-110-34.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1660117037
x-served-by: beacon-n003-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=59848706633073465953813447927434859684
date: Wed, 10 Aug 2022 07:37:16 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a001-ash-prod.krxd.net

GET
H3

200

activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https... Show response
11264551.fls.doubleclick.net/ Frame EB84
Redirect Chain

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=ht...
https://11264551.fls.doubleclick.net/activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-m...

448 B
386 B

91ms
54ms

Document
text/html

172.217.31.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11264551.fls.doubleclick.net/activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f6.1e100.net

Software

cafe /

Resource Hash

d9fddeb937813febcf4b1463e7c73f13203b03543e624ec2f17e69f59ec30d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 07:37:16 GMT
expires: Wed, 10 Aug 2022 07:37:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 07:37:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11264551.fls.doubleclick.net/activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 24ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: defianceinsurance.com
URL: https://defianceinsurance.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26506
x-xss-protection: 0
pragma: public
x-fb-debug: E5X6V5XmoVyQ8Cv2xWQ98iP6EzaqtGQJWvV0rxEQeNGdTApJsSt57tKZbA6lTRx5OhSDRuRYCHy5gUmnzwcc3Q==
x-frame-options: DENY
date: Wed, 10 Aug 2022 07:37:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 414ms
200ms Script
application/javascript 2600:140b:2:9a5::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: defianceinsurance.com
URL: https://defianceinsurance.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2:9a5::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "2dda33348480d93c64a825f2616f03ce"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 33ms
7ms Script
application/x-javascript 13.35.45.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.45.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-45-57.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:19:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 84344
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 c6e672f66f0c430c2e883081a311e09e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: NRT20-C1
X-Amz-Cf-Id: kZIioCoF7nGJBbwI_heV0-tNsxDJCiFipcrjI2Or7T3fDCNLkXeAaQ==

GET
H3 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 5ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5ed161adf652e66652e8f66ce2e5eb5b513c577bb91bcb46e46b8fceb0c2b4a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6847
x-xss-protection: 0
pragma: public
x-fb-debug: PfDtHcgekzvTLIyCXNc8noNelr7v4+vLwEmAeBuP4V6ng9kKn3ArIk0EMIu1xRX2wQ/0Bl9acwlv7vWBtX959g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 10 Aug 2022 07:37:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame AC74 927 B
1 KB 64ms
6ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fadamdeckerinsurance.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 32ef18a580126817c9fa0fee0cf3ad389c00be9eff51fbe2e3052bc0e7fe753f

Request headers

Referer: https://adamdeckerinsurance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 10 Aug 2022 07:37:16 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 1936962093151750 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936962093151750?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87a86a4a25c6d4576b1a147e4f0ee7523299ff3beb1739ad5043f4edf19ada19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85874
x-xss-protection: 0
pragma: public
x-fb-debug: vPD18xmmDgtrsA32l2tu9X0wK1hIOSO4+fWi0gO7BhEqi87yzqudW5jhilCdvlMGeFP2r9D0OeEAghKWMzd0pg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 10 Aug 2022 07:37:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 14ms
4ms Image
image/gif 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fadamdeckerinsurance.com%2F&rl=https%3A%2F%2Fdefianceinsurance.com%2F&if=false&ts=1660117036015&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=28&fbp=fb.1.1660117036014.690771166&it=1660117036002&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 10 Aug 2022 07:37:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 7ms
2ms Image
image/gif 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fadamdeckerinsurance.com%2F&rl=https%3A%2F%2Fdefianceinsurance.com%2F&if=false&ts=1660117036038&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1660117036014.690771166&it=1660117036002&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 10 Aug 2022 07:37:16 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame AC74 487 B
963 B 3ms
3ms Script
application/x-javascript 13.35.45.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fadamdeckerinsurance.com%2F&upid=t8xbszz&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.45.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-45-57.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 06:55:12 GMT
Via: 1.1 c6e672f66f0c430c2e883081a311e09e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 2525
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: NRT20-C1
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: U36xHHH3fLiG7LHS3Yc0zEaVd2Ud247eBXOc8x25RcxplqyAHNuN7g==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame DFC6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MmVhNjBlMTEtZDEwMC00YWVhLWJiYzctODI5NTQxMWU3ZGVi&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-82954...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-8295411e7deb&google_gid=CAESEOiEYU2CzZOMAS-gOzEe38w&google_cver=1

70 B
607 B

4ms
4ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-8295411e7deb&google_gid=CAESEOiEYU2CzZOMAS-gOzEe38w&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 10 Aug 2022 07:37:16 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 07:37:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=2ea60e11-d100-4aea-bbc7-8295411e7deb&google_gid=CAESEOiEYU2CzZOMAS-gOzEe38w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame A6F9
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=2ea60e11-d100-4aea-bbc7-8295411e7deb&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=2ea60e11-d100-4aea-bbc7-8295411e7deb&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oSKA1MNE2uKoRHIBxwP340Dx5XsbvTQ-~A&gdpr=0&gdpr_consent=

70 B
607 B

4ms
4ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oSKA1MNE2uKoRHIBxwP340Dx5XsbvTQ-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 10 Aug 2022 07:37:16 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Wed, 10 Aug 2022 07:37:16 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oSKA1MNE2uKoRHIBxwP340Dx5XsbvTQ-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 8E80
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ea60e11-d100-4aea-bbc7-8295411e7deb&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
607 B

5ms
4ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 10 Aug 2022 07:37:16 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
content-length: 0

GET
H2 200 dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=*;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.c...
adservice.google.com/ddm/fls/z/ Frame EB84 42 B
494 B 112ms
51ms Image
image/gif 2404:6800:400a:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=*;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F

Requested by

Host: 11264551.fls.doubleclick.net
URL: https://11264551.fls.doubleclick.net/activityi;dc_pre=CIT45vHhu_kCFaTyTAId9fgBjQ;src=11264551;type=micro0;cat=micro006;ord=2468095499419;gtm=2wg880;auiddc=1310345584.1660117036;u9=sf%3Aus%3Aagent-micro-m2-lan%3Amr6389yr7al;~oref=https%3A%2F%2Fadamdeckerinsurance.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://11264551.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 07:37:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.c99cd143.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 196ms
195ms Script
application/javascript 2600:140b:2:9a5::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.c99cd143.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2:9a5::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "a05548af4f747ef476e354fcd30947ce"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18448
access-control-expose-headers: X-CDN

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6043 0
15 B 3ms
2ms Document
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://adamdeckerinsurance.com
Referer: https://adamdeckerinsurance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://adamdeckerinsurance.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 07:37:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
ct.pinterest.com/user/ 489 B
838 B 352ms
171ms XHR
application/json 23.207.172.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1660117036594

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c99cd143.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.172.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-172-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

08d20a2ee48b6892026d9a264b4c45206ccb1018dfb5f1d643d6a10bbd2f974a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:16 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.c6322d17.1660117036.2910312c
x-envoy-upstream-service-time: 2
x-pinterest-rid: 4643566258652471
pin-unauth: dWlkPU5EWXlNRGxoWkRRdE9UWmhOQzAwTXpsbUxXRTROR0V0WXpKaE9HTTJOemt4TUdGbA
access-control-allow-origin: https://adamdeckerinsurance.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 351
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 351ms
177ms Image
image/gif 23.207.172.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fadamdeckerinsurance.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fdefianceinsurance.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1660117036602

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.172.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-172-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 07:37:16 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.c6322d17.1660117036.29103135
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7278700692063995
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 3 KB
3 KB 142ms
142ms Image
image/webp 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2FYMIM-T4-Small-Goals-make-for-Big-Wins-wide.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/cd446256 (2022-08-09) /

Resource Hash

4607f17e29b5ca24ab79dae4b92fce5fb0b96559d551d2a8df0bb70582a4f6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://adamdeckerinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:37:16 GMT
via: 2 fly.io
vary: Accept
x-cache-status: HIT
x-region: dfw
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 3030
x-frontend: cbb51b06
fly-request-id: 01GA3AZBQQ0D5GWDYPDJARQY9B-nrt
server: Fly/cd446256 (2022-08-09)
x-cachekey: https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2FYMIM-T4-Small-Goals-make-for-Big-Wins-wide.png
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: cbb51b06
x-ratelimit-limit: 101
x-ratelimit-reset: 1
x-git-sha: 1be24179
expires: Wed, 10 Aug 2022 21:05:27 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 8CDA 542 B
646 B 176ms
175ms Document
text/html 23.207.172.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c99cd143.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.172.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-172-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

2d250fab4b20b9e183c07a76a6ec9f63888104d42ef9d7f02a280035a3f5bf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://adamdeckerinsurance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

akamai-grn: 0.c6322d17.1660117036.291031d7
cache-control: no-cache,no-store,must-revalidate,max-age=0
content-encoding: gzip
content-length: 321
content-type: text/html; charset=utf-8
date: Wed, 10 Aug 2022 07:37:17 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1419977911490986

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: peachy.prod.mirus.io
URL: https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
defianceinsurance.com/	1970-01-20 05:10:03	Name: __cheesecrd_version Value: master
defianceinsurance.com/	1970-01-20 13:54:13	Name: keen Value: {%22uuid%22:%22db222d97-a70e-4937-8db1-6a4094403b69%22%2C%22initialReferrer%22:null}
adamdeckerinsurance.com/	1970-01-20 05:10:03	Name: __cheesecrd_version Value: master
.adamdeckerinsurance.com/	1970-01-20 05:08:38	Name: s_gad Value: 1
.demdex.net/	1970-01-20 09:27:49	Name: demdex Value: 59848706633073465953813447927434859684
.adamdeckerinsurance.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 13:54:13	Name: everest_g_v2 Value: g_surferid~YvNgKwAAAITHvgN-
.dpm.demdex.net/	1970-01-20 09:27:49	Name: dpm Value: 59848706633073465953813447927434859684
adamdeckerinsurance.com/	1970-01-20 13:54:13	Name: keen Value: {%22uuid%22:%22ffede6f0-6cc1-424c-bfe8-d5348395bda7%22%2C%22initialReferrer%22:%22https://defianceinsurance.com/%22}
.rlcdn.com/	1970-01-20 13:54:13	Name: rlas3 Value: Z6yuGzI2wpm6DJ+/wT4ltFVwJtkqqQkynkMGHvyuJNc=
.statefarm.com/	1970-01-20 14:44:37	Name: s_ecid Value: MCMID%7C64002372712264195834553327671950024568
.adamdeckerinsurance.com/	1970-01-20 14:44:37	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19215%7CMCMID%7C64002372712264195834553327671950024568%7CMCAAMLH-1660721835%7C11%7CMCAAMB-1660721835%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1660124235s%7CNONE%7CMCSYNCSOP%7C411-19222%7CMCAID%7CNONE%7CvVersion%7C3.1.0
.adamdeckerinsurance.com/	1970-01-20 05:08:38	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m2-lan%3AMR6389YR7AL
.adamdeckerinsurance.com/	1970-01-20 05:08:38	Name: s_pre_v6 Value: adamdeckerinsurance.com
.adamdeckerinsurance.com/	1970-01-20 05:08:38	Name: s_dl Value: 1
.adamdeckerinsurance.com/	1969-12-31 23:59:59	Name: s_cm Value: other%20natural%20referrersundefineddefianceinsurance.com
.adamdeckerinsurance.com/	1970-01-20 14:44:37	Name: s_ev32 Value: %5B%5B%27referring%2520domains%27%2C%271660117035752%27%5D%5D
.adamdeckerinsurance.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fadamdeckerinsurance.com%2F%7Creferrer%3Dhttps%3A%2F%2Fdefianceinsurance.com%2F%7Centry%3Dhttps%3A%2F%2Fadamdeckerinsurance.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-m2-lan%7Cs_prev_ch%3Dagent-micro-m2-lan%7Cs_prev_pn%3DMR6389YR7AL%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-m2-lan%3AMR6389YR7AL%7Cmc%3Dreferring%20domains%7C
.adamdeckerinsurance.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 14:44:37	Name: IDE Value: AHWqTUmzu06_CBsSMC7V9ZIXzLrIEQRSP7nHD8bCVENlJZLmQqRjRnsSII5E_uyYYBU
.adsrvr.org/	1970-01-20 13:54:13	Name: TDID Value: 2ea60e11-d100-4aea-bbc7-8295411e7deb
.adamdeckerinsurance.com/	1970-01-20 09:27:49	Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C11
.adamdeckerinsurance.com/	1970-01-20 05:51:49	Name: aam_uuid Value: 59848706633073465953813447927434859684
.rlcdn.com/	1970-01-20 06:35:01	Name: pxrc Value: CKvAzZcGEgUI6AcQABIGCPHrARAA
.demdex.net/	1970-01-20 09:27:49	Name: dextp Value: 60-1-1660117035497\|771-1-1660117035598\|903-1-1660117035699\|30646-1-1660117035801\|66757-1-1660117035903
.adamdeckerinsurance.com/	1970-01-20 07:18:13	Name: _gcl_au Value: 1.1.1310345584.1660117036
.adamdeckerinsurance.com/	1970-01-20 07:18:13	Name: _fbp Value: fb.1.1660117036014.690771166
.facebook.com/	1970-01-20 07:18:13	Name: fr Value: 0dt0i8KnCpXumVjZX..Bi82As...1.0.Bi82As.
.yahoo.com/	1970-01-20 13:54:34	Name: A3 Value: d=AQABBCxg82ICEN_exjQKM9PIhxHnFpGl6LcFEgEBAQGx9GL9YgAAAAAA_eMAAA&S=AQAAAsppCvxD-2o9KLhp1KYhCcs
.analytics.yahoo.com/	1970-01-20 13:54:13	Name: IDSYNC Value: 1769~26i7
.rubiconproject.com/	1970-01-20 13:54:13	Name: khaos Value: L6NATJGL-21-92CU
.rubiconproject.com/	1970-01-20 13:54:13	Name: audit Value: 1\|k8Tp54cT333d4yUjTeJHqKGXulZPr0LsQ/7Mnt1ISqWrLKOqscwnxtXYmFS3ldQIywZSha382GcwHTRO1/p4iHX0qfg68IpFQAPcN3ARK87RwGdVyMx5WAIzi6mKzzNP1+UCqy1GQ5if73neh3OTXwTivXeG7oCSXcLShoGOiWDREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.adsrvr.org/	1970-01-20 13:54:13	Name: TDCPM Value: CAESEgoDYWFtEgsIqunI4qWr_ToQBRIVCgZnb29nbGUSCwiapr_mpav9OhAFEhkKCnJpZ2h0bWVkaWESCwj-54bmpav9OhAFEhYKB3J1Ymljb24SCwj-54bmpav9OhAFGAUgAygDMgsI_t-Jk7yr_ToQBUIPIg0IARIJCgV0aWVyMRABWgczZGF2YnA0YAE.
.adamdeckerinsurance.com/	1970-01-20 13:54:13	Name: _pin_unauth Value: dWlkPU5EWXlNRGxoWkRRdE9UWmhOQzAwTXpsbUxXRTROR0V0WXpKaE9HTTJOemt4TUdGbA
.krxd.net/	1970-01-20 09:27:49	Name: _kuid_ Value: PAmMJn8K

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
adamdeckerinsurance.com
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
defianceinsurance.com
dpm.demdex.net
ephemera.mirus.io
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mx-api.prod.mirus.io
nexus.ensighten.com
peachy.prod.mirus.io
pixel.rubiconproject.com
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
peachy.prod.mirus.io
100.24.249.189
104.198.70.133
106.10.236.147
13.32.50.49
13.35.45.57
172.217.26.226
172.217.31.134
18.178.22.21
23.207.172.239
2404:6800:4004:810::2008
2404:6800:400a:805::2002
2600:140b:2:9a5::1931
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a09:8280:1::1ce
3.33.220.150
34.69.219.172
35.190.60.146
52.196.162.199
52.199.15.7
52.39.110.34
52.76.23.126
63.140.50.163
8.39.36.142
0239f7cd0376855c4093e2835c105dc753ef4115c3fd1fe6bca6f169640783bc
08d20a2ee48b6892026d9a264b4c45206ccb1018dfb5f1d643d6a10bbd2f974a
100ebc65f0bff28b93cbbf4ed5463986ff9ab738137c032122ce107c0a91a191
10894bf2b92e4a446eb9bf3e2084b91713374a301322d65516c543ba6919c50a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1457dc652a8fc92e5d20eee57d1a58fdad46be32ad237f6c8c241fb24d7302ad
16fb118919205925052c855afdaa9c8b27b598dca09b04662195e1c042d089b9
1769c518c56bb8d5dcabeab076b95f868ab83ed3c4f50d05ddee1a4a29a1bc1a
19e1e92b28231a69431c72b59596acbc8aa6475413354497bf8c73efee57d1db
26a3de92201d66099b227034486c53d8e7e76ff2a275c51b2e9744eb6dbcef40
2d250fab4b20b9e183c07a76a6ec9f63888104d42ef9d7f02a280035a3f5bf5c
32ef18a580126817c9fa0fee0cf3ad389c00be9eff51fbe2e3052bc0e7fe753f
349a7f3df380983f177bbcc2f861306e6f66a25f351c3b32400331c8a11542e3
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3cc5da363d10c71a21ce61a25b353234a80149ca92838224a7871ae9b6215afa
41f8cb4bff704f778c7ae4091174a5f46f2ea1b7c68336d3fdf92cd02da37140
4607f17e29b5ca24ab79dae4b92fce5fb0b96559d551d2a8df0bb70582a4f6aa
4c40d033981e8484e9b2ff6469f614ef90edbfe4edd42627337d13643205d1c8
735702a677dde3f8475e3e177dbb4cb07c2c4270e466fb14abefd8f29fac5633
74e0648d14616401412d2524c3d01eca194f54155c833194cebea9d123671fbf
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d00026d67cde5da6a3c5bcb7a95cb9bd70abf7118738d743579cd5bb78d695e
87a86a4a25c6d4576b1a147e4f0ee7523299ff3beb1739ad5043f4edf19ada19
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
899cc03ce3f490c1341866160d9db339721f42dd4b7c0f6c4c81208deaf3eae4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5d9d4890bbd639db154701d7dfe1e70c5544b368e4470d4a4a83001c24dbaf
9217cf0e2b5960266245f93f0964abd1e067c75142046681000c845c5be02234
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2
a8a0ada2b60f76ca952740d90b0ae94bd12f11f540bd98b115ce7f05b6c42dc3
b0767148ae36034ef04c1540828ef20e17994ced3a07d6f3b0daff4d2d7459d4
bc9a63b3e86121f1fbe5fcf828c4668555e849af8d6434e72679c224015b33c6
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
d5ed161adf652e66652e8f66ce2e5eb5b513c577bb91bcb46e46b8fceb0c2b4a
d6864e05a04774ab84017fb1d612adec5a15cd1998a109ff3f0864432471dff8
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
d9fddeb937813febcf4b1463e7c73f13203b03543e624ec2f17e69f59ec30d70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee7629077a1f2ea339715fee0a0f0e17c3ab9a006d51a3cd677d9210e3f33cf3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad32cb9672046cc1717bc9755aa113ae24f3ca3e574b081f41719d5f5ceb09
f0ce04714ed55b284b3a862b5fd10bf57cd15f8154359d2ec85c928c30cc3836
f40662775ade8d9298d15ee680b57e32dd642d8bce6bab9481bf8aae0fa9bbd0
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

adamdeckerinsurance.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

88 %HTTPS

25 %IPv6

19 Domains

27 Subdomains

18 IPs

4 Countries

1129 kBTransfer

2651 kBSize

35 Cookies

30 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adamdeckerinsurance.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

88 %
HTTPS

25 %
IPv6

19
Domains

27
Subdomains

18
IPs

4
Countries

1129 kB
Transfer

2651 kB
Size

35
Cookies

64 HTTP transactions
0 data transactions