URL: https://yourburgessteam.com/
Submission: On February 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 34.215.251.134, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is yourburgessteam.com.
TLS certificate: Issued by R3 on February 5th 2023. Valid for: 3 months.
This is the only time yourburgessteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain           Transfer  Subdomains
10        perfectstormnow.com   286 KB    api.perfectstormnow.com, properties.perfectstormnow.com, clientwebsite.perfectstormnow.com
4         facebook.net          180 KB    connect.facebook.net (Cisco Umbrella Rank: 146)
3         yourburgessteam.com   445 KB    yourburgessteam.com
2         amazonaws.com         919 KB    pscrm.s3-us-west-1.amazonaws.com
1         facebook.com          185 B     www.facebook.com (Cisco Umbrella Rank: 107)
1         google.de             455 B     www.google.de (Cisco Umbrella Rank: 5986)
1         google.com            455 B     www.google.com (Cisco Umbrella Rank: 2)
1         gstatic.com           36 KB     fonts.gstatic.com
1         doubleclick.net       1 KB      googleads.g.doubleclick.net (Cisco Umbrella Rank: 29)
1         googleapis.com        981 B     fonts.googleapis.com (Cisco Umbrella Rank: 34)
1         googletagmanager.com  50 KB     www.googletagmanager.com (Cisco Umbrella Rank: 40)
Total: 26 requests, 11 domains

Requests  Domain                             Requested by
6         api.perfectstormnow.com            yourburgessteam.com
4         connect.facebook.net               yourburgessteam.com, connect.facebook.net
3         clientwebsite.perfectstormnow.com  yourburgessteam.com
3         yourburgessteam.com                yourburgessteam.com
2         pscrm.s3-us-west-1.amazonaws.com   yourburgessteam.com
1         www.facebook.com                   yourburgessteam.com
1         properties.perfectstormnow.com     yourburgessteam.com
1         www.google.de                      yourburgessteam.com
1         www.google.com                     yourburgessteam.com
1         fonts.gstatic.com                  fonts.googleapis.com
1         googleads.g.doubleclick.net        www.googletagmanager.com
1         fonts.googleapis.com               yourburgessteam.com
1         www.googletagmanager.com           yourburgessteam.com
Total: 26 requests, 13 subdomains

This site contains links to these domains.

Domain
www.facebook.com
www.youtube.com
perfectstormnow.com

Subject                       Issuer                                  Validity                 Valid
*.yourburgessteam.com         R3                                      2023-02-05 - 2023-05-06  3 months
*.google-analytics.com        GTS CA 1C3                              2023-01-31 - 2023-04-25  3 months
upload.video.google.com       GTS CA 1C3                              2023-01-31 - 2023-04-25  3 months
*.g.doubleclick.net           GTS CA 1C3                              2023-01-31 - 2023-04-25  3 months
*.facebook.com                DigiCert SHA2 High Assurance Server CA  2022-11-16 - 2023-02-14  3 months
*.gstatic.com                 GTS CA 1C3                              2023-01-31 - 2023-04-25  3 months
www.google.com                GTS CA 1C3                              2023-01-09 - 2023-04-03  3 months
www.google.de                 GTS CA 1C3                              2023-01-31 - 2023-04-25  3 months
*.perfectstormnow.com         R3                                      2023-01-04 - 2023-04-04  3 months
*.s3-us-west-1.amazonaws.com  Amazon                                  2022-09-21 - 2023-08-30  a year

This page contains 1 frame:

Primary Page: https://yourburgessteam.com/
Frame ID: 4B9A54D35F2E36A8E19FC99FA07A3E21
Requests: 23 HTTP requests in this frame

Page Title

Keller Williams - Suburban Tampa

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 62 %
Domains: 11
Subdomains: 13
IPs: 13
Countries: 3
Transfer: 1919 kB
Size: 24340 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
yourburgessteam.com/
16 KB
6 KB
Document
General
Full URL
https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.215.251.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-251-134.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
5abc429f9c336f3f6a9b787edb319b585f57bfbad157893701890d643f8317da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 16:11:06 GMT
server
openresty
app.css
yourburgessteam.com/css/
183 KB
39 KB
Stylesheet
General
Full URL
https://yourburgessteam.com/css/app.css?id=779f9dbf2ce235146272
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.215.251.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-251-134.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
6d1e51fef0cc2248d449150e076081944e6701a962712a654bb8126dbdc3c87f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:11:07 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2022 23:05:40 GMT
server
openresty
etag
W/"62f2e844-2da7a"
content-type
text/css
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-754262507
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d00f8f48068b0cf3371b70241e0da9035e501089651ac767d7f4a90b12c79ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:11:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50719
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Feb 2023 16:11:07 GMT
app.js
yourburgessteam.com/js/
1 MB
400 KB
Script
General
Full URL
https://yourburgessteam.com/js/app.js?id=0286195379507a96bd09
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.215.251.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-251-134.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
d8a7e31c226a59b510b6c4dee8f1900c188bea125808e5246e10f47aef6b878d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:11:07 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2022 23:05:40 GMT
server
openresty
etag
W/"62f2e844-147557"
content-type
application/javascript; charset=UTF-8
css
fonts.googleapis.com/
5 KB
981 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,400,600
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/css/app.css?id=779f9dbf2ce235146272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b320e55c0c41ee76bf5f3c749a480060d9c2301dada7b62dcc08e1e36503f9b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 16:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 16:11:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 16:11:07 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/754262507/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754262507/?random=1675786267691&cv=11&fst=1675786267691&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fyourburgessteam.com%2F&tiba=Keller%20Williams%20-%20Suburban%20Tampa&auid=1296990207.1675786268&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-754262507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
346b4a3610b842553490c9aaac937f5478757c62e28578f309fbad810c002604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 16:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
889
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 16:11:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
R9Gc7hV4iHOoSGidBWEMlPf/uhc012ev1GKoRdTmb62RmS4U5vladtRt0N7UKciosnH/MgLAAXPyeDvuVnizlg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/
315 KB
89 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6dc74ce9931676076fb9be21b29732fd7b55c1c16924ba9b0a470eb1c7a24ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 16:11:07 GMT
content-md5
JbaVcUivc8Ep5fg/gum+IQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90884
x-fb-rlafr
0
x-fb-debug
JRLE0rGzYg6oRqjnGXVUaTuz9ivmomqhNYasmUc/jUqXub1bir/OTfv84OwxqvrgATOAwsfarrHSV6gpz+qx3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
x-fb-content-md5
ed162695d06d77c067b3a5f5043fabe7
cross-origin-opener-policy
same-origin-allow-popups
etag
"648fdc6568ae50559dba89654e0d0f84"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 07 Feb 2023 16:17:32 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yourburgessteam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 21:06:33 GMT
x-content-type-options
nosniff
age
68674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 21:06:33 GMT
1830168830531032
connect.facebook.net/signals/config/
150 KB
41 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1830168830531032?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24ddf42bc145e0515316324578e810fa3bdf4a23c07fc9a15daf308e6224cf1c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 16:11:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
VBMs52eVZUQO0R4W7xBIPKc7QWjFJZaiglR1PFSRp4J9BDMIbxuRN557zWCPBDEhc20cdhi2fDik7uEcpnBFVQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/754262507/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/754262507/?random=1675786267691&cv=11&fst=1675785600000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fyourburgessteam.com%2F&tiba=Keller%20Williams%20-%20Suburban%20Tampa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2583453268&rmt_tld=0&ipr=y
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 16:11:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/754262507/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/754262507/?random=1675786267691&cv=11&fst=1675785600000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fyourburgessteam.com%2F&tiba=Keller%20Williams%20-%20Suburban%20Tampa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2583453268&rmt_tld=1&ipr=y
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 16:11:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/
72 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 16:11:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
OAJbNpDcSU8XrYtfOjPbnMP6RoXCqxCiFn4dQK0snvAbhjmH60h5ApbGZUHPqAz4JL95gNaz6kyZQ7GfzxMmMQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
elastic
api.perfectstormnow.com/properties/
0
0
Preflight
General
Full URL
https://api.perfectstormnow.com/properties/elastic?status=A&propertyType=SF&photo=1&agent=MFR261557440&sort=days&queryString=status%3DA%26propertytype%3DSF%26photo%3D1%26agent%3DMFR261557440%26sort%3Ddays&board=36&token=t-sk63x0yrd5usYhtoTNXb7bII&limit=25&count=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-143-63.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-csrf-token,x-requested-with
Access-Control-Request-Method
GET
Origin
https://yourburgessteam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-csrf-token,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 16:11:08 GMT
server
nginx
x-robots-tag
noindex
elastic
api.perfectstormnow.com/properties/
0
0
Preflight
General
Full URL
https://api.perfectstormnow.com/properties/elastic?status=S&propertyType=SF&photo=1&agent[]=MFR261550972&agent[]=MFR261557440&sort=days&queryString=status%3DS%26propertytype%3DSF%26photo%3D1%26agent%3DMFR261550972%252CMFR261557440%26sort%3Ddays&board=36&token=t-sk63x0yrd5usYhtoTNXb7bII&limit=25&count=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-143-63.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-csrf-token,x-requested-with
Access-Control-Request-Method
GET
Origin
https://yourburgessteam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-csrf-token,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 16:11:08 GMT
server
nginx
x-robots-tag
noindex
popular-locations
api.perfectstormnow.com//site/
0
0
Preflight
General
Full URL
https://api.perfectstormnow.com//site/popular-locations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-143-63.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-csrf-token,x-requested-with
Access-Control-Request-Method
POST
Origin
https://yourburgessteam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-csrf-token,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 16:11:08 GMT
server
nginx
x-robots-tag
noindex
elastic
api.perfectstormnow.com/properties/
365 B
652 B
XHR
General
Full URL
https://api.perfectstormnow.com/properties/elastic?status=A&propertyType=SF&photo=1&agent=MFR261557440&sort=days&queryString=status%3DA%26propertytype%3DSF%26photo%3D1%26agent%3DMFR261557440%26sort%3Ddays&board=36&token=t-sk63x0yrd5usYhtoTNXb7bII&limit=25&count=0
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/js/app.js?id=0286195379507a96bd09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-143-63.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
918e766c9989521da275f0285d50d003d5f0f25edb793a37ef6b342fe4512e64

Request headers

Accept
application/json, text/plain, */*
Referer
https://yourburgessteam.com/
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
1fMQpz3Xd7IpzDKVtrBv7sjKQoFvg5AihT6ZIoRs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:11:09 GMT
server
nginx
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-Requested-With, X-Auth-Token, Content-Type
elastic
api.perfectstormnow.com/properties/
246 KB
247 KB
XHR
General
Full URL
https://api.perfectstormnow.com/properties/elastic?status=S&propertyType=SF&photo=1&agent[]=MFR261550972&agent[]=MFR261557440&sort=days&queryString=status%3DS%26propertytype%3DSF%26photo%3D1%26agent%3DMFR261550972%252CMFR261557440%26sort%3Ddays&board=36&token=t-sk63x0yrd5usYhtoTNXb7bII&limit=25&count=0
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/js/app.js?id=0286195379507a96bd09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-143-63.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
57a71100cb64b8ae89a99d1272e53df07fc36b08a15bced56a74db8bfd407c99

Request headers

Accept
application/json, text/plain, */*
Referer
https://yourburgessteam.com/
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
1fMQpz3Xd7IpzDKVtrBv7sjKQoFvg5AihT6ZIoRs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:11:09 GMT
server
nginx
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-Requested-With, X-Auth-Token, Content-Type
popular-locations
api.perfectstormnow.com//site/
541 B
828 B
XHR
General
Full URL
https://api.perfectstormnow.com//site/popular-locations
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/js/app.js?id=0286195379507a96bd09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-143-63.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
775a0a2f19fe0393e3cced1b5096ccefc2659d25c063abdf350884774e7fc42e

Request headers

Accept
application/json, text/plain, */*
Referer
https://yourburgessteam.com/
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
1fMQpz3Xd7IpzDKVtrBv7sjKQoFvg5AihT6ZIoRs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 16:11:09 GMT
server
nginx
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-Requested-With, X-Auth-Token, Content-Type
company-info-61bb7851ef321.png
pscrm.s3-us-west-1.amazonaws.com/company-info/344/466/
38 KB
38 KB
Image
General
Full URL
https://pscrm.s3-us-west-1.amazonaws.com/company-info/344/466/company-info-61bb7851ef321.png
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.162.161 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2dc38fb05f32c08e3a8113ff157131ee1ce7a45cf37f249ef20cb396369798dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 16:11:09 GMT
Last-Modified
Thu, 16 Dec 2021 17:33:07 GMT
Server
AmazonS3
x-amz-request-id
1CFG8FHG9NXRQ3XB
ETag
"b41d4482cc993c6c049a70eb7b831ef6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
38946
x-amz-id-2
21wAGqkvBOdoYe3pdNFcpjcUGtPJlp8XqR6mmDM1O4x6oAwcdUv41x9sG1oBpZ+qAsk3XcGccbsngQLhKw/HtQ==
qg31q7Khn69AMrH32e0ohEtsCpz62mYNFt9l0hl6.png
properties.perfectstormnow.com/36/logo/
15 KB
16 KB
Image
General
Full URL
https://properties.perfectstormnow.com/36/logo/qg31q7Khn69AMrH32e0ohEtsCpz62mYNFt9l0hl6.png
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6d8113c0423b082f9e01dffa2624b44ae15e0f79036dc141f320d37abcae240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 10:30:06 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Jul 2022 00:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
20463
etag
"676203417c0d728900a24be150160fd6"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15606
x-amz-cf-id
F-9KUTvU2PR2-jbSqiRN28ZUc68l1yRbwHsuhq3O8yN3XfzixFcUQg==
homepage-633f2e761de09.jpg
pscrm.s3-us-west-1.amazonaws.com/homepage/344/466/
880 KB
881 KB
Image
General
Full URL
https://pscrm.s3-us-west-1.amazonaws.com/homepage/344/466/homepage-633f2e761de09.jpg
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.162.161 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d30e73c5371496011e1ee75b4de625db7347f3d9ee9674f039fca62b8d6aa0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 16:11:10 GMT
Last-Modified
Thu, 06 Oct 2022 19:37:27 GMT
Server
AmazonS3
x-amz-request-id
4KR5HEEV4Z8TKT7C
ETag
"898f3175b977a57feb4a7b0d60b133fa"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
901583
x-amz-id-2
UZqnDHJPmPyDevPMJVqUVsUqI8gRKzcVaXol8/tQIsFIeOKVjd4CBwY7tWbOOK5DCjfkgP7wib6KpeIUk4VslA==
showcase-one.mp4
clientwebsite.perfectstormnow.com/video/
38 KB
0
Media
General
Full URL
https://clientwebsite.perfectstormnow.com/video/showcase-one.mp4
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-16.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://yourburgessteam.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 07 Feb 2023 15:50:21 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Wed, 07 Nov 2018 20:49:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1248
etag
"97b68764efdbab67b482ba103f6547ff"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-47273330/47273331
accept-ranges
bytes
x-amz-cf-id
RBqd7rtKKbY-a4_8PDhdkBsgPdPBTcLgtOf0E1LANUAFlHVHsYK7eA==
Content-Length
47273331
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1830168830531032&ev=PageView&dl=https%3A%2F%2Fyourburgessteam.com%2F&rl=&if=false&ts=1675786268385&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1675786268384.1506365172&it=1675786267801&coo=false&rqm=GET
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yourburgessteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 Feb 2023 16:11:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
showcase-one.mp4
clientwebsite.perfectstormnow.com/video/
21 KB
22 KB
Media
General
Full URL
https://clientwebsite.perfectstormnow.com/video/showcase-one.mp4
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-16.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b40374706d6a623c0687feac00bf932c0badc272fb5f133a898dd90c3f6a9468

Request headers

Referer
https://yourburgessteam.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=47251456-

Response headers

date
Tue, 07 Feb 2023 15:01:36 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Wed, 07 Nov 2018 20:49:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
29410
etag
"97b68764efdbab67b482ba103f6547ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 47251456-47273330/47273331
accept-ranges
bytes
x-amz-cf-id
oWTpuYZbRN4R8ac4jnzss6a6c9FKdy6FEJD-3iOOMkxZrwfQzN7ieA==
Content-Length
21875
showcase-one.mp4
clientwebsite.perfectstormnow.com/video/
20 MB
0
Media
General
Full URL
https://clientwebsite.perfectstormnow.com/video/showcase-one.mp4
Requested by
Host: yourburgessteam.com
URL: https://yourburgessteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-16.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://yourburgessteam.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 07 Feb 2023 15:50:21 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Wed, 07 Nov 2018 20:49:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1248
etag
"97b68764efdbab67b482ba103f6547ff"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 32768-47273330/47273331
accept-ranges
bytes
x-amz-cf-id
fcTVjv2S8W_znwpXEY4pW5rxSaejdblGkRuFCMnIfFzBgawiihvz8A==
Content-Length
47240563

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
object| google_tag_manager
object| google_tag_data
object| dataLayer
function| gtag
object| GooglebQhCsO
function| fbq
function| _fbq
object| ps
object| FB
object| webpackChunk
object| FontAwesomeConfig
object| ___FONT_AWESOME___
function| bugsnag
function| _
object| querystring
function| flickity
function| Cookies
function| moment
function| Popper
object| smoothscroll
function| jQuery
function| $
object| bugsnagClient
function| axios
object| bugsnagVue
object| Base64
object| regeneratorRuntime

5 Cookies

Domain/Path Name / Value
yourburgessteam.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImdPb3RqTWFhUDc2cmJCLzJYS2crL1E9PSIsInZhbHVlIjoiUGRIejloOEt3NURMaHhuZjlkSk5MVU1YTHgvUExLSzY1blI1bEplWTEzY0JTZDJBeFlkNHEwZVU2MkdRNnhWSXBMeFUzWEhHNXorY3hVNjZ4VkdudjRhdUdsaEVqS0NwSFBVOXFIQ0ZZRWRKMTVmVy8xMktpQVVDZXBaYTJQZjAiLCJtYWMiOiIxYzU3NjZlYzkzOWMxZDQ3ODZkYzIzN2U1MTc0Y2VkYzZlNGRmZTE4YTBjOTBkZDQyODQwOTNjNmZiZWZiOWM2IiwidGFnIjoiIn0%3D
yourburgessteam.com/ Name: perfect_storm_client_website_session
Value: eyJpdiI6IlJ2T3MvL0o5UU84YWtNUnZCVGdQOXc9PSIsInZhbHVlIjoiQjRibTFBK01kQkVyZUZrbEtTZWtKT2FlVTkzeHc0VnlIeEpBWjdvMVEvQ3VMNUJuSVhpZU1yMXk4Wm1UeStKK3VkVG1DRkFPTEJ2WVFjWEsyREdkUi9KcFJpQmdYLzVwYm1xS0lldXhsczhZN3REYi95TkpDOGYvUHYrTnRuSmEiLCJtYWMiOiJlMWRjZWY3YTNmNzc5ZmRhOTg1YTQxZTU5OTQ0NTc1ZTU4NWJiYTIyYTUyYjhhODEzZGY1ZjcyMzI0YjE2ODJhIiwidGFnIjoiIn0%3D
.yourburgessteam.com/ Name: _gcl_au
Value: 1.1.1296990207.1675786268
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yourburgessteam.com/ Name: _fbp
Value: fb.1.1675786268384.1506365172

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
