wittagency.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wittagency.com/
Submission: On August 31 via api (August 31st 2024, 11:40:28 am UTC) from US — Scanned from US

Summary HTTP 72 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 24 IPs in 1 countries across 18 domains to perform 72 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is wittagency.com.
TLS certificate: Issued by R10 on August 23rd 2024. Valid for: 3 months.

This is the only time wittagency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	2a09:8280:1::... 2a09:8280:1::42:4195	40509 (FLY) (FLY)
1	3.225.83.130 3.225.83.130	14618 (AMAZON-AES) (AMAZON-AES)
4	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
4	117.18.238.236 117.18.238.236	15133 (EDGECAST) (EDGECAST)
2	18.164.96.41 18.164.96.41	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211c:2c00:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	52.72.27.52 52.72.27.52	14618 (AMAZON-AES) (AMAZON-AES)
4	18.238.55.18 18.238.55.18	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:46::84 2a04:4e42:46::84	54113 (FASTLY) (FASTLY)
1	108.138.114.112 108.138.114.112	16509 (AMAZON-02) (AMAZON-02)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
1	3.89.169.13 3.89.169.13	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.38.138 63.140.38.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.209.1.129 3.209.1.129	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	107.20.68.222 107.20.68.222	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.198.70.133 104.198.70.133	() ()
72	24

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

wittagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.83.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-83-130.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 117.18.238.236 (Phoenix, United States)

ASN15133 (EDGECAST, US)

online.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-41.jfk50.r.cloudfront.net

deel-id-persistence.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211c:2c00:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.72.27.52 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-27-52.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.55.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-18.jfk52.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:46::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.114.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-114-112.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.89.169.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-169-13.compute-1.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.138 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-138.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.1.129 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-1-129.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.68.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-68-222.compute-1.amazonaws.com

id-persistence.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (None, )

ASN- ()

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 658086 peachy.prod.mirus.io	586 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 5862	73 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	710 B
5	statefarm.com online.statefarm.com — Cisco Umbrella Rank: 143941 apps.statefarm.com — Cisco Umbrella Rank: 92779 smetrics.statefarm.com — Cisco Umbrella Rank: 85192	4 KB
5	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 415750 deel-id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 127319 id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 128071	29 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 124976	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	168 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	884 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	253 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	236 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 238
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2631	6 KB
1	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 19181	5 KB
1	wittagency.com wittagency.com	155 KB
72	18

	Domain	Requested by
26	ephemera.mirus.io	wittagency.com
6	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com wittagency.com
4	tr.snapchat.com	sc-static.net
4	connect.facebook.net	wittagency.com connect.facebook.net
3	dpm.demdex.net	1 redirects wittagency.com
2	peachy.prod.mirus.io	wittagency.com
2	www.facebook.com	wittagency.com
2	ct.pinterest.com	s.pinimg.com
2	id-persistence.deel.c1.statefarm	deel-id-persistence.deel.c1.statefarm
2	smetrics.statefarm.com	nexus.ensighten.com wittagency.com
2	s.pinimg.com	wittagency.com s.pinimg.com
2	apps.statefarm.com	static1.st8fm.com
2	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com
2	deel-id-persistence.deel.c1.statefarm	invocation.deel.c1.statefarm nexus.ensighten.com
1	tr6.snapchat.com	sc-static.net
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	sc-static.net	wittagency.com
1	js.adsrvr.org	www.googletagmanager.com
1	static1.st8fm.com	invocation.deel.c1.statefarm
1	online.statefarm.com	invocation.deel.c1.statefarm
1	invocation.deel.c1.statefarm	wittagency.com
1	wittagency.com
72	26

This site contains links to these domains. Also see Links.

Domain
apps.statefarm.com
proofing.statefarm.com
brokercheck.finra.org
www.google.com
get-id-card.delitess.c1.statefarm
www.statefarm.com
financials.statefarm.com
static1.st8fm.com
trupanion.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
wittagency.com R10	`2024-08-23` - `2024-11-21`	3 months	crt.sh
ephemera.mirus.io E5	`2024-07-21` - `2024-10-19`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-09` - `2024-09-07`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
deel-id-persistence.deel.c1.statefarm Amazon RSA 2048 M02	`2024-07-01` - `2025-07-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
id-persistence.deel.c1.statefarm Amazon RSA 2048 M02	`2024-03-25` - `2025-04-23`	a year	crt.sh
peachy.prod.mirus.io R11	`2024-08-06` - `2024-11-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://wittagency.com/
Frame ID: BEC3EF48882B268C2B803A4B9CB0A636
Requests: 66 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: BFACD3B9B9368D9868D71F457E145F9E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-3WRNTYXP84&gacid=834328021.1725104423&gtm=45je48s0v9178161793z8849799669za200zb849799669&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=529108989
Frame ID: 6F6B8EC2B976EED779678EBE6AECD99F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=a77843fc-5f54-44ea-b607-6970742c6962&u_sclid=0cda5e38-7d51-4b34-85b8-af38529ace05
Frame ID: 70A32170629870D6840F9456E8B8F939
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

State Farm Insurance Agent Bob Witt in Tucson AZ

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

72
Requests

96 %
HTTPS

33 %
IPv6

18
Domains

26
Subdomains

24
IPs

1
Countries

1316 kB
Transfer

3362 kB
Size

35
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.statefarm.com/CustomerRegistrationUI/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA’s BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=32.352234%2C-110.972479&query_place_id=ChIJ_RXvCdkN1oYRRtHIdrV4Wko
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/retrieve-saved-quotes/
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/safety/the-real-consequences-of-drunk-driving#agentAssociateId=CGXNB3BT000
Title: The Real Consequences of Drunk Driving

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/what-to-know-when-buying-your-dream-classic-car#agentAssociateId=CGXNB3BT000
Title: In the market for a classic car? Here's the buyer's guide you need

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/retirement/cashing-out-your-401k-or-getting-loan#agentAssociateId=CGXNB3BT000
Title: Cashing out your 401k or taking a 401k loan: What you need to know

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/#agentAssociateId=CGXNB3BT000
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1725104422048 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1725104422048

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=86908629466016156473329225000773246013 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtMBJwAAAHvPDAN-

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wittagency.com/ 576 KB
155 KB 584ms
251ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 860897dc7fd9f3850a221f64bd3a4094cf19fd31404f4fc51be2905bb5c93544

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Sat, 31 Aug 2024 11:40:20 GMT
etag: "5b580703fc89da12c2e80daee5fb333d"
expires: Sat, 31 Aug 2024 11:40:50 GMT
last-modified: Fri, 30 Aug 2024 14:52:38 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:wittagency.com/
x-cheesecrd-path: /
x-goog-generation: 1725029558311522
x-goog-hash: crc32c=3wTRgg== md5=W1gHA/yJ2hLC6A2u5fszPQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 157817
x-guploader-uploadid: AD-8lju5npaCYR51uPxRP0Gk2gQSfN2TjeR5s6ORt9QRcpJZkl_mlQiQixnQVh03TfTnu8_6WGH91ciq3w

GET
H2 200 wittagency.com-header-e683868e057d8d259712d98075fb0f90.png
ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/ 48 KB
48 KB 307ms
133ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-header-e683868e057d8d259712d98075fb0f90.png

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

380ed2fb6e837d7dd401c15393c16c7551837347bccc38e9f4ec32d2be7aca7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RXZ2492FYCVQ1PHS1NNK-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 1200x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-header-e683868e057d8d259712d98075fb0f90.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 48792
expires: Fri, 30 May 2025 22:20:47 GMT

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 11 KB
5 KB 427ms
159ms Script
text/javascript 3.225.83.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.225.83.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-83-130.compute-1.amazonaws.com
Software: /
Resource Hash: 2cf1e6f93358c44cb9f8987bb8f38b8e99a3df46eb129fb3567269f8e100aac0

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
x-amzn-requestid: 0713a054-e115-4aa2-b866-7461588eeb94
x-amzn-trace-id: Root=1-66d30124-693f3b051b8857f02ced8cd1;Parent=377cfc5456bf1a8f;Sampled=0;lineage=1:bfbe80d8:0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
content-type: text/javascript
access-control-allow-origin: *
server-timing: generated;dur=6.533165999688208
x-amz-apigw-id: dX0d0GA5IAMERLQ=
content-length: 4981
access-control-allow-headers: Content-Type, Referer

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 288ms
138ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

d1a4eb8548fca8bfed01a4a14fa1be680ef6e874aefd8794918d2d537b8b1e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 11:40:20 GMT
content-md5: FW5iFO1PURRE4nJ8h+91Kg==
document-policy: force-load-at-top
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8040, tp=13, tpl=0, uplat=0, ullat=-1
x-fb-debug: wzZtn1rYayMpMXQ3uH6yyEGN/jvmk83IyxgKrzjWtI7CpR9MCGBihQSg/75iGRj5JaPZiN8oYkId5RssrB5jVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ddede1d43e7e3963543db614812b6a21
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "1aa26ba53213361b9aacae46225ae64a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 31 Aug 2024 11:47:30 GMT

GET
H2 200 wittagency.com-header-e683868e057d8d259712d98075fb0f90.png
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/ 15 KB
15 KB 301ms
132ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-header-e683868e057d8d259712d98075fb0f90.png

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

c47d26ca41305e3938f70e11da546ad9de84881117d5e7e169204ed94e63886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RXZ11856XTJDSTSM9G4Q-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-header-e683868e057d8d259712d98075fb0f90.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 5683d015bd1978
x-region: sea
content-disposition: inline
content-length: 15332
expires: Sun, 17 Aug 2025 10:04:10 GMT

GET
H2 200 CGXNB3BT000_agent_avatar_20240123223759Z_wittagency_com_qbfhxqydju.jpg
ephemera.mirus.io/imgr/50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 870 B
1 KB 458ms
290ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/CGXNB3BT000_agent_avatar_20240123223759Z_wittagency_com_qbfhxqydju.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

cbcbbda071d847d153bc97e27ce20dcd44474d42eb6fba33fa7077309a5b8872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RXZ1PEGVJ67YC472SG8V-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 50x5/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/CGXNB3BT000_agent_avatar_20240123223759Z_wittagency_com_qbfhxqydju.jpg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 870
expires: Sat, 31 Aug 2024 05:41:00 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/ 31 KB
32 KB 285ms
131ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
via: 2 fly.io
age: 23
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-SemiBold.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nO7Z2JyJR7F0Fu4Sog8Nza7j-OrsI5lxlUPEqPEbdUfvy87zc1oXyi-A5psm5eqU50LnyHw3qgb7g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32208
last-modified: Thu, 08 Aug 2024 14:04:39 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RXZ1XT159GR2WBQVHYY4-lax
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-generation: 1723125879031005
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32208
x-instance: 5683d015bd1978
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:19 GMT

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/ 31 KB
31 KB 326ms
173ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
via: 2 fly.io
age: 43
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-Bold.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nNY3bVBH5AqoWjX3ungZcj3XfOK57Lm36RInJnWt0fCJcNGOdJ-yYBN6_YUquVhZypLbMV3Gjwn5w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31812
last-modified: Thu, 08 Aug 2024 14:04:38 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RXZ15JR7E427RQBDEHNH-lax
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-generation: 1723125878315341
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 31812
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:20 GMT

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/ 31 KB
32 KB 447ms
295ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-Regular.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nN-Fiw9cDiA6mb_od2A_ov7NZVPZC_WdmNcJMqElvi_plfMt2OHeobhB2GlvnmNvosgB1e2YAArrA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31948
last-modified: Thu, 08 Aug 2024 14:04:38 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RXZ1XZWZJ7W5H8WJFWVS-lax
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-generation: 1723125878792891
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 31948
x-instance: 5683d015bd1978
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:16:23 GMT

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/ 31 KB
32 KB 285ms
132ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleSans-Medium.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOyEbWkg3_ML7ZH4CZbah3tsm7XWR5lJBtMxDYm-c9ZQuxXpWoqLzZJbaE-3ghLM_2YkQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32200
last-modified: Thu, 08 Aug 2024 14:04:38 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RXZ1JANZH1SYAE5YH5YC-lax
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-goog-generation: 1723125878558317
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32200
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:20 GMT

GET
H2 200 wittagency.com-sidebar-md-2bcd6faa24532d254475cce3ec37a0cc.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/ 3 KB
3 KB 193ms
192ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-sidebar-md-2bcd6faa24532d254475cce3ec37a0cc.png

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

93103eec9f82571aa47fdb528b7e43cc375395be4b7d115ffaf0f64818523492

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RY1YQ5C0TWKJB5W8C32B-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-sidebar-md-2bcd6faa24532d254475cce3ec37a0cc.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 2852
expires: Fri, 16 May 2025 17:06:09 GMT

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/ 10 KB
10 KB 197ms
196ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RY2866V30XD222GT8586-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 9952
expires: Sat, 31 Aug 2024 12:12:05 GMT

GET
H2 200 275-buy-dream-classic-car-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 16 KB
16 KB 197ms
197ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/275-buy-dream-classic-car-wide.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

16aec2c54d798f4468cbdcbe5d0642a2d89f985b2ee760e6404f8395d1874355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RY282B2ZP6NTCR9MYCZN-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/275-buy-dream-classic-car-wide.jpg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 16226
expires: Thu, 15 Aug 2024 04:39:32 GMT

GET
H2 200 147-loan-from-401k-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 13 KB
13 KB 197ms
197ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/147-loan-from-401k-wide.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

d7a857d393495b28f849d18c67cd7fb823b1e000a92d3050150128fdf1d0f9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RY28Q2NTHW8QKT08FS2B-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/147-loan-from-401k-wide.jpg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 13116
expires: Thu, 15 Aug 2024 05:30:53 GMT

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 3 KB
2 KB 194ms
194ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/alpineFileInput.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/alpineFileInput.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nNunDI6O2lQ_J3udntU-wVr2ns0lcmBtgk5lGD8jKECLIcQhBCkDDKrEgfXTzgXWVIpkA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1421
last-modified: Thu, 08 Aug 2024 14:04:46 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY284TW8ZSK1NS30N2PJ-lax
etag: "469709b06cd36df653f77e5f7715c363"
vary: Accept-Encoding
x-goog-generation: 1723125886853676
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=1UwfBQ==, md5=RpcJsGzTbfZT935fdxXDYw==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 1421
x-instance: 5683d015bd1978
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:42 GMT

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 57 KB
20 KB 229ms
228ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/alpine.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
age: 20
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/alpine.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOyx26m0gWU5nVukVN4hW9tLB7RCl0lUvnSlJJfpp6uvy5MmjIxiGqhq4IqPjwEvjlO1LlUH_Ot2Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20468
last-modified: Thu, 08 Aug 2024 14:04:46 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY2GGNGYHTNX62B2E0Q0-lax
etag: "325cb81db127575cff63b2c1e7498924"
vary: Accept-Encoding
x-goog-generation: 1723125886725752
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=LzHgoA==, md5=Mly4HbEnV1z/Y7LB50mJJA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20468
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:22 GMT

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 8 KB
4 KB 258ms
257ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/lazysizes.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/lazysizes.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nP-QkvgevJeD1vw-VicImtBa1oBZ8u6BZWRSE2rx5X_HjaXUyELvMUR6ZG_elis6SaZzRCSahwJdA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3734
last-modified: Thu, 08 Aug 2024 14:04:46 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY2GC0CNGNB1K196YG9A-lax
etag: "2fb010765186417da12346886fba3121"
vary: Accept-Encoding
x-goog-generation: 1723125886964974
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=tVVvrw==, md5=L7AQdlGGQX2hI0aIb7oxIQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 3734
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:16:21 GMT

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 471 B
643 B 259ms
258ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/scrollToElement.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/scrollToElement.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nPodgwdJWyhFMtX0SK_3d-sG31A_2t1YStEzA-KmOcznQteAXcif0fI2pXyUEB3IjsYcw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
last-modified: Thu, 08 Aug 2024 14:04:47 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY2G0716V5CGZQBT0ACP-lax
etag: "927818f6cd4025e3656bc64ae6878d1a"
vary: Accept-Encoding
x-goog-generation: 1723125887018304
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=RSR0kQ==, md5=kngY9s1AJeNla8ZK5oeNGg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 305
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:42 GMT

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 3 KB
2 KB 257ms
256ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/utils.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
age: 20
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/utils.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nMQ8wJ9-qgy-YlrsKkkQ1PGPYTpYaJUXksdj276g-RaWkfZ4UC_Rp281tb8MFunxKZ19g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1392
last-modified: Thu, 08 Aug 2024 14:04:47 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY2GY4D8VBXWEP8MWVTS-lax
etag: "af8943f8f7980b8b5d0fb4d5354419d0"
vary: Accept-Encoding
x-goog-generation: 1723125887139511
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=4ONwJg==, md5=r4lD+PeYC4tdD7TVNUQZ0A==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 1392
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:22 GMT

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 122 B
466 B 263ms
262ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/svgIcon.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/svgIcon.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nNCfowLU21tuh7kWZvnZwhv27x9w7UXIl4R_DoazTvzZ9ayDX9FQ7DPhRdlCpuw5uaSN9oOHET51g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
last-modified: Thu, 08 Aug 2024 14:04:47 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY2HNVZCJZV3NJ1YS6PR-lax
etag: "9c19d54efaecc0a7511f297f8974b2fd"
vary: Accept-Encoding
x-goog-generation: 1723125887073866
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=eftfvQ==, md5=nBnVTvrswKdRHyl/iXSy/Q==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 134
x-instance: 5683d015bd1978
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:42 GMT

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/ 112 KB
40 KB 193ms
192ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/alpineContactForm.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 139003a0cda76e6576be534832e4aa70774e96e1e580f0b66ac887a4af9d4b28

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
content-encoding: gzip
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/js/alpineContactForm.js
x-cache-status: HIT
x-guploader-uploadid: AHxI1nOwJ-xDbknEAdwAFwGW-fBiq1ujSenmqDu1wZt0kOP1UZbxYCxRveXpolbjzDLCLjc3mGbHXxdOBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40209
last-modified: Thu, 08 Aug 2024 14:04:46 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY2B73FKRPYTVSCMX8F2-lax
etag: "83f55e5213c6624dda84a32d44675371"
vary: Accept-Encoding
x-goog-generation: 1723125886795609
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=SdcHfA==, md5=g/VeUhPGYk3ahKMtRGdTcQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 40209
x-instance: 5683d015bd1978
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:42 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 138ms
137ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ccd1cdff6c26ea075c1ad7d16e7b8f1c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

ae0f56da91944a1aba01b4c27a20b2a633b1d1159cbfea68d2b6b184abb35741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 11:40:20 GMT
content-md5: aFh5nmwBzkL+MiiRoG/GeA==
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89219
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=29, mss=1232, tbw=12076, tp=22, tpl=0, uplat=0, ullat=-1
x-fb-debug: fkhxrK+n/SRB5x+ZYG4zj67BhoRr8+wuQqLfTUfARtAp+8aqCeL0g3ncTpEKi+7sDZSDqd4gzfCPWxhEBa0h9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 32f1f4b71051cdf964128ddc9d2e09ca
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "265925b187fbe15d0755b9828b85bde8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 31 Aug 2025 10:23:56 GMT

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1 KB
2 KB 467ms
229ms Fetch
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C4B) /

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:20 GMT
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
server: ECAcc (dac/9C4B)
x-edg-version: 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-frame-options: DENY
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=lac"}]}
content-type: text/html
access-control-allow-origin: https://wittagency.com
x-edg-mr: 72:0;72:6;72:7;72:9;
server-timing: edgio_cache;desc=TCP_MISS,edgio_pop;desc=lac,edgio_country;desc=US,experiments;desc=%7B%22PASSTHROUGH_1714088154443%22%3Anull%2C%22MIGRATION_Duplicate_1723765464833%22%3Anull%7D
content-length: 1233
x-request-id: 1269024028787114592013499822063642019040, 1269024028787114592013499822063642019040

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/ 32 KB
33 KB 105ms
103ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleLegal-Medium.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nN2MEXPpqierrsNdaR4ff6haFVrlsMEmTyPvt_3bm5Bb3uGIFfD0NZjiA-H0dHsRs23hG-xqM8nBg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32960
last-modified: Thu, 08 Aug 2024 14:04:37 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY96372K466H1H75K6RH-lax
etag: "5c321170479a815ab790c771bcc8f1d3"
x-goog-generation: 1723125877810246
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32960
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:16:10 GMT

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/ 32 KB
32 KB 126ms
126ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e42c399f (2024-08-28) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/1800615460c23507d9f32a5a2552b01d6acf7753/fonts/sf/MecherleLegal-Regular.woff2
x-cache-status: HIT
x-guploader-uploadid: AHxI1nMdTrKK0wi_muFDpVjG9MtmUyYvqc0Z3xcKTBwoxm1GhxzyeHNDRwfCJZ1X_SNuWlJWsQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: sea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32844
last-modified: Thu, 08 Aug 2024 14:04:38 GMT
server: Fly/e42c399f (2024-08-28)
fly-request-id: 01J6M3RY96SC6FJ6VZ3T1386PP-lax
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-generation: 1723125878067641
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32844
x-instance: e286031ae11078
accept-ranges: bytes
expires: Fri, 08 Aug 2025 14:15:21 GMT

GET
H2 200 wittagency.com-header-e683868e057d8d259712d98075fb0f90.png
ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/ 96 KB
96 KB 105ms
103ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-header-e683868e057d8d259712d98075fb0f90.png

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

744af589540875e08eecefd9dd21525f8c2cf66f55a4319d1cda41c9a08f189a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RYEVF4PH3S7DQSBE5866-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 1920x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-header-e683868e057d8d259712d98075fb0f90.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 98496
expires: Fri, 30 May 2025 22:28:29 GMT

GET
H2 200 CGXNB3BT000_agent_avatar_20240123223759Z_wittagency_com_qbfhxqydju.jpg
ephemera.mirus.io/imgr/250x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 6 KB
6 KB 105ms
104ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/CGXNB3BT000_agent_avatar_20240123223759Z_wittagency_com_qbfhxqydju.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

dcdd091c84eaa333bf7f2cb40ca8ce467e23934c5d8a4fc569b9a397ac61c7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RYEW68C0S82ETS9X396G-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 250x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/CGXNB3BT000_agent_avatar_20240123223759Z_wittagency_com_qbfhxqydju.jpg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
x-instance: 5683d015bd1978
x-region: sea
content-disposition: inline
content-length: 6180
expires: Tue, 27 Aug 2024 19:27:29 GMT

GET
H2 200 wittagency.com-sidebar-md-2bcd6faa24532d254475cce3ec37a0cc.png
ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/ 64 KB
64 KB 106ms
105ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-sidebar-md-2bcd6faa24532d254475cce3ec37a0cc.png

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

e88680cf795f76c86b289724e27e4c25e501cf9801a27bd2cd23aa08027ef321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RYEWHT65TDGE4XH2E7WG-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/wi/wittagency.com/wittagency.com-sidebar-md-2bcd6faa24532d254475cce3ec37a0cc.png--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: public,max-age=31536000,immutable
x-instance: 5683d015bd1978
x-region: sea
content-disposition: inline
content-length: 65122
expires: Fri, 16 May 2025 17:06:14 GMT

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/250x0/https://static1.st8fm.com/en_US/img/si/750/ 13 KB
13 KB 153ms
152ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

533160fc8f62238d2dd70b44c6b93f7d6935320e2c38a5d236fb7b78ad148838

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RYEWVAA75EYXBWF719S1-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 250x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
x-cache-status: HIT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 13050
expires: Sat, 31 Aug 2024 12:22:50 GMT

GET
H2 200 275-buy-dream-classic-car-wide.jpg
ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 23 KB
23 KB 105ms
104ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/275-buy-dream-classic-car-wide.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

134dccc183c867c9172435976c18a5e1bde4fbadf959f579a0e60a256c19c460

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RYKYFERKQ316PD4Z9BCH-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/275-buy-dream-classic-car-wide.jpg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: e286031ae11078
x-region: sea
content-disposition: inline
content-length: 23040
expires: Thu, 15 Aug 2024 03:17:24 GMT

GET
H2 200 147-loan-from-401k-wide.jpg
ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 17 KB
17 KB 103ms
103ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/147-loan-from-401k-wide.jpg

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e42c399f (2024-08-28) /

Resource Hash

b5645a9b9f5070900f4377bb1d2331bdf16bf39150dcd6f7c09640d7c4268d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
fly-request-id: 01J6M3RYKYRNJA1J3D7GT5P5JK-lax
server: Fly/e42c399f (2024-08-28)
x-cache-key: 250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/147-loan-from-401k-wide.jpg--with-webp
x-cache-status: STALE
vary: Accept
content-type: image/webp
cache-control: max-age=14400
x-instance: 5683d015bd1978
x-region: sea
content-disposition: inline
content-length: 17006
expires: Wed, 14 Aug 2024 19:31:48 GMT

GET
H2 200 sfuid.js Show response
static1.st8fm.com/en_US/applications/dasenblt_static_content/ 21 KB
5 KB 348ms
75ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AE) /

Resource Hash

acfab1e3846f4c81d1b41376854f82dcfbf36ac7becd0ea4ac4a623ba5149d0d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
content-encoding: br
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age: 12025
x-edg-version: 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=lac,edgio_country;desc=US,experiments;desc=%7B%22PASSTHROUGH_1714088154443%22%3Anull%2C%22MIGRATION_Duplicate_1723765464833%22%3Anull%7D
content-length: 4724
x-request-id: 1195876890194887203817370174705973642127, 105472637395212783813771655897282748015
last-modified: Tue, 21 May 2024 16:00:01 GMT
server: ECAcc (lac/55AE)
vary: Accept-Encoding
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=lac"}]}
content-type: application/javascript
access-control-allow-origin: *
x-edg-mr: 72:0;72:2;72:6;72:7;72:9;
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
expires: Sat, 31 Aug 2024 15:40:21 GMT

GET
H2 200 index.js Show response
deel-id-persistence.deel.c1.statefarm/ 17 KB
18 KB 502ms
218ms Script
application/javascript 18.164.96.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deel-id-persistence.deel.c1.statefarm/index.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-41.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d8b1c96e2472f2246de6fe4384f0a167a50729e42ee25be105c8106a2c1f69e

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
x-amz-version-id: 11ucInxRwnqZnc7hldJT3ngmdalfPHPZ
via: 1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 17435
last-modified: Wed, 07 Aug 2024 17:04:07 GMT
server: AmazonS3
etag: "9f425a3b276aa71048de60c83df28e43"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: PNPdVdVdbWNmaEWFBLqb5G3X_JTzgPQOdB6UG36DUhZgkaxXWXU6tA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 644 KB
127 KB 479ms
189ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2a29e9a39d734f4ca63c51ebb2e7925579f07a79f0c894032eab44c9db92eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129444
x-xss-protection: 0
last-modified: Sat, 31 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Aug 2024 11:40:21 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
31 KB 473ms
153ms Script
application/javascript 2600:9000:211c:2c00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:2c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 83c8a648af0dfcaae915eb3899a1134f8acff24074870cce970eee7606b2294d

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 08:47:31 GMT
content-encoding: br
via: 1.1 79c0ea1b8525955caa2a98e094ca20ec.cloudfront.net (CloudFront)
x-amz-version-id: wmpwOPbqa8DjBwhkVrQjZDmVj3JVDtq0
x-amz-cf-pop: JFK52-P4
age: 269571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Aug 2024 18:30:15 GMT
server: CloudFront
etag: W/"71990e5de66dd53c4d79874d52292004"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: kfQtDfR4VqFvv8cb35MHwLgaG3E0vBQ9T5r4Id_N1-NMRcb_iuDl2Q==

GET
H2 200 enterprisesfuid Show response
apps.statefarm.com/sfuidservice/ 50 B
903 B 231ms
230ms XHR
application/json 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

2702cb62856e100301afbc6570802216d95e5e4cdfdbacbec241a32b85db615b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
x-edg-version: 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
server-timing: edgio_cache;desc=UNCACHEABLE,edgio_pop;desc=lac,edgio_country;desc=US,experiments;desc=%7B%22PASSTHROUGH_1714088154443%22%3Anull%2C%22MIGRATION_Duplicate_1723765464833%22%3Anull%7D
content-length: 50
x-xss-protection: 1; mode=block
x-request-id: 168166502716100806414992681952786557293, 168166502716100806414992681952786557293
pragma: no-cache
server: ECAcc (dac/9C8A)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://wittagency.com
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=lac"}]}
x-edg-mr: 72:0;72:6;72:7;72:9;
cache-control: no-store
access-control-allow-credentials: true
x-frame-options: DENY
x-vcap-request-id: 0d9fb193-b32b-476b-6f29-3e52a774b1a5

OPTIONS
H2 200 enterprisesfuid
apps.statefarm.com/sfuidservice/ Frame 0
0 239ms
228ms Preflight 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://wittagency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://wittagency.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sat, 31 Aug 2024 11:40:21 GMT
expires: 0
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=lac"}]}
server: ECAcc (dac/9C8A)
server-timing: edgio_cache;desc=NONE,edgio_pop;desc=lac,edgio_country;desc=US,experiments;desc=%7B%22PASSTHROUGH_1714088154443%22%3Anull%2C%22MIGRATION_Duplicate_1723765464833%22%3Anull%7D
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-edg-mr: 72:0;72:6;72:7;72:9;
x-edg-version: 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e 158 72 57 NA 2024-08-23T16:19:41Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-frame-options: DENY
x-request-id: 150072188169768907449848421673717888690 150072188169768907449848421673717888690
x-vcap-request-id: c2cf3315-423b-4c30-5a73-6c8ff15c2d92
x-xss-protection: 1; mode=block

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1725104422048
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1725104422048

1 KB
1 KB

133ms
132ms

XHR
application/json

52.72.27.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1725104422048

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Server

52.72.27.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-27-52.compute-1.amazonaws.com

Software

Resource Hash

c6cb38fe14d51903fe068aa03d184c8cc41a177ef4c27a617c630ad62b65de36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v064-0a3808e7f.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sat, 31 Aug 2024 11:40:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: D6gf8W1FRCw=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://wittagency.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 609
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v064-00e4767d3.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sat, 31 Aug 2024 11:40:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: uj0Y6ID3SY8=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1725104422048
access-control-allow-origin: https://wittagency.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 502 B
833 B 149ms
148ms Script
text/javascript 2600:9000:211c:2c00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Tue%20Aug%2027%2018:30:12%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fwittagency.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:2c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 80dd2630bfd1936a8cfb770d4facd9d91ad1e8efd619fcde6184e8292f91e467

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
via: 1.1 79c0ea1b8525955caa2a98e094ca20ec.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 502
x-amz-cf-id: ySZb75MP_2pNG19O63mUyh37CW9SEeOVPT7GPy-eYJMe6cn6gGwqxg==
expires: Sat, 31 Aug 2024 11:40:21 GMT

GET
H3 200 12dd075ebb4b3ddd21e1934c7dc4bd03.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 146 KB
38 KB 138ms
137ms Script
application/javascript 18.238.55.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/12dd075ebb4b3ddd21e1934c7dc4bd03.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.55.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-18.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: bd49ab8bc4518f81c7b6167fa99f3268f15ce18e668c37c417b933cd2cba9187

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 01:23:55 GMT
x-amz-version-id: T6dhFHIWcNeSvDv0WcdeqP06yUFUxkKd
content-encoding: br
via: 1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
age: 987388
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Aug 2024 18:35:01 GMT
server: CloudFront
etag: W/"2f1982488f9ec38fc950820eb36bd6fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 55eYnMGRPyfrxiozIkJkoNOQzvQpB_23F549TrIkJohnUn-V6VjTxQ==

GET
H3 200 bab584e56bb3873ae03fc43b797d9255.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 138ms
137ms Script
application/javascript 18.238.55.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/bab584e56bb3873ae03fc43b797d9255.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.55.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-18.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e0449cf6d59fbef7039a69cf238fc5f894e606b1276585cb4ad573d91e040ec9

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 10:55:08 GMT
x-amz-version-id: 07Fd0euRbQ3jxTdz9vr6KLf569I20MV3
content-encoding: br
via: 1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
age: 1471515
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 18:10:36 GMT
server: CloudFront
etag: W/"d606761c7764352c4702e890c760fbcc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 9-8TjqQS-eX2Pg3NVG9V6GhM6gAc1K3Nr90Hu0Xv2lJJy0s_2Vm1fQ==

GET
H3 200 922239cbdb0638360a6a533f47f9b074.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 143ms
142ms Script
application/javascript 18.238.55.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/922239cbdb0638360a6a533f47f9b074.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.55.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-18.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 583346f22e03b35484e0e51cbb7ebed3dc8f9a8d8731838aab81f036cbf8314d

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 08:47:33 GMT
content-encoding: br
via: 1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
x-amz-version-id: _DeAaNgLlJilCfK5WosNFuEGTuduDFcD
age: 269570
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Aug 2024 18:30:15 GMT
server: CloudFront
etag: W/"184b151213a0e3a4c998047d295eedb2"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: MUa9v1Koyyqi_uh_qUm8ZFb57eD4ON1ehYtgDRpfXC_RMEF3iGmKSQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 350 KB
109 KB 167ms
166ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc19fb7cd5b8d7f99f95316e6e626bab61bb299c288f477f7f2288aff858fb69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 31 Aug 2024 11:40:22 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 280ms
142ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Aug 2024 11:40:22 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8073, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 78riJj7sixePKzgICC5sue3A5U/N/APBg9aX8b3oSMorNuTrsm7MflIXVZlocUa4SQSjV4RYIoneqaT03dNqVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 429ms
136ms Script
application/javascript 2a04:4e42:46::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:46::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
content-encoding: br
x-cdn: fastly
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1878

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 14 KB
6 KB 440ms
142ms Script
application/x-javascript 108.138.114.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.114.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-114-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 30 Aug 2024 19:23:49 GMT
Content-Encoding: gzip
Via: 1.1 87fe250b32fc87699b1f30c0c5ab6004.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Aug 2024 18:19:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 58594
x-amz-server-side-encryption: AES256
ETag: W/"0a898f6edf2d77595f7378557dd8fb96"
Transfer-Encoding: chunked
Vary: accept-encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: _gB-hYtLfxx17r0SqiCQcT2brHtbzONd-f40c_uuId0czu-wYBTI-Q==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 49 KB
21 KB 327ms
125ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 7d9b6ba4a6a863b4d132a498dd248d8391024d6ebe4289fffd6e5c53802c1094

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
content-encoding: gzip
via: 1.1 df8f783be0da9ba9d2af424b4b6561e6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LAX54-P1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21283
x-amz-cf-id: M2eNUTV2PwHxELcO91u_jM-MqH0t_-G0Rd8UOr7AVY0X8xSpDMQBAQ==

GET
H2 200 dataLayer_logic.js Show response
deel-id-persistence.deel.c1.statefarm/ 5 KB
5 KB 227ms
226ms Script
application/javascript 18.164.96.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/code/12dd075ebb4b3ddd21e1934c7dc4bd03.js?conditionId0=423109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-41.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70662baf71ae829be5ee24f6d3f3122def8c92a4509507bad0b6cd15d19cff55

Request headers

Referer: https://wittagency.com/
Origin: https://wittagency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
x-amz-version-id: rkqvF_fsEej.IiV1QW4986MyL8XFypCC
via: 1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5135
last-modified: Wed, 07 Aug 2024 17:04:07 GMT
server: AmazonS3
etag: "bc1cfd071862c7ccbb9487f42d3b043a"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: RDaH7Ju1u9g4Hf8KYIll-Oi6TtHVC77Zl-XA3ylTcmsPc5MJ3rpGvQ==

GET
H3 204 e.gif
nexus.ensighten.com/error/ 0
219 B 136ms
136ms Image
text/plain 18.238.55.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Error%3A%20Do%20not%20set%20Data%20Layer%20values%20to%20undefined.%20Use%20.delete%20to%20remove%20them%20instead%20at%20Object.set%20(https%3A%2F%2Finvocation.deel.c1.statefarm%2Fdeel.js%3Fprop%3Dagent%26optOut%3Dabtesting%2Csurvey%3A2%3A4274)%20at%20Object.set%20(https%3A%2F%2Finvocation.deel.c1.statefarm%2Fdeel.js%3Fprop%3Dagent%26optOut%3Dabtesting%2Csurvey%3A2%3A573)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F922239cbdb0638360a6a533f47f9b074.js%3FconditionId0%3D567025%3A5%3A28)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)&lnn=-1&fn=Intent%20events&cid=603&client=statefarm&publishPath=mirus&rid=4071490&did=628792&errorName=
Requested by: Host: wittagency.com
URL: https://wittagency.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.55.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-18.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 15:59:03 GMT
via: 1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
server: CloudFront
age: 70879
x-amz-cf-pop: JFK52-P4
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wlpRf0dIGYZUUBr6YM3ZTOC6xvhv5t3zAeXaU4jJ2PyDo9NkJtSyZg==

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame BFAC 0
0 406ms
130ms Document
text/html 3.89.169.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.89.169.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-89-169-13.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 31 Aug 2024 11:40:23 GMT
dcs: dcs-prod-va6-2-v064-03eee7112.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 19 Aug 2024 12:41:02 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: wev3VfesTbg=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
464 B 442ms
135ms XHR
application/x-javascript 63.140.38.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=83048048649362828192733532915073652705&ts=1725104422657

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.138 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-138.data.adobedc.net

Software

jag /

Resource Hash

24d1f50297518c68da2dda250ae2d9609a0fe5d993cd38a4690e3e0d4dc908d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://wittagency.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZtMBJwAAAHvPDAN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=86908629466016156473329225000773246013
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtMBJwAAAHvPDAN-

42 B
715 B

134ms
133ms

Image
image/gif

52.72.27.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtMBJwAAAHvPDAN-

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Server

52.72.27.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-27-52.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v064-0fb970f5e.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 7mEtZyqbSsY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtMBJwAAAHvPDAN-
Date: Sat, 31 Aug 2024 11:40:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 204 collect
analytics.google.com/g/ 0
0 452ms
152ms Fetch
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je48s0v9178161793z8849799669za200zb849799669&_p=1725104421530&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=834328021.1725104423&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1725104422&sct=1&seg=0&dl=https%3A%2F%2Fwittagency.com%2F&dt=State%20Farm%20Insurance%20Agent%20Bob%20Witt%20in%20Tucson%20AZ&en=page_view&_fv=1&_nsi=1&_ss=1&up.ECID=&tfd=2800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 11:40:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wittagency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 426ms
142ms Ping
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3WRNTYXP84&cid=834328021.1725104423&gtm=45je48s0v9178161793z8849799669za200zb849799669&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 11:40:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wittagency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 6F6B 0
0 447ms
159ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-3WRNTYXP84&gacid=834328021.1725104423&gtm=45je48s0v9178161793z8849799669za200zb849799669&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=529108989

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wittagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Aug 2024 11:40:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 109 KB
21 KB 2316ms
2316ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.166&r=stable&domain=wittagency.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

941bbc38d3311f468419f4b657f029f0afc6b388f6b844ac81802fb42207c48c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Aug 2024 11:40:25 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=78, mss=1232, tbw=71868, tp=70, tpl=0, uplat=2178, ullat=0
pragma: public
x-fb-debug: SgyRzxkhUnCrFLZidwL6NJbmLV0JmTONkv7mNoJ5hxWIeVWkG/SI4pkKbe+CbVhK3R7Cqk5Uwqtb995GILBZeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.json Show response
tr.snapchat.com/config/com/ 100 B
383 B 329ms
171ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.json?v=3.25.2-2408301847

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://wittagency.com
x-envoy-upstream-service-time: 50
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100

GET
H2 200 i
tr.snapchat.com/cm/ Frame 70A3 0
0 268ms
120ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=a77843fc-5f54-44ea-b607-6970742c6962&u_sclid=0cda5e38-7d51-4b34-85b8-af38529ace05

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sat, 31 Aug 2024 11:40:23 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 138ms
136ms Script
application/javascript 2a04:4e42:46::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:46::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:22 GMT
content-encoding: br
x-cdn: fastly
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 23701

POST
H2 200 updateUserPath Show response
id-persistence.deel.c1.statefarm/ 131 B
420 B 163ms
160ms Fetch
application/json 107.20.68.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id-persistence.deel.c1.statefarm/updateUserPath
Requested by: Host: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.20.68.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-68-222.compute-1.amazonaws.com
Software: /
Resource Hash: 5431f6f439d48412324f309a5d781e4868566e1da065bccf66accbb1c3f6b054

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
x-amzn-requestid: 980437ba-338f-4b9c-8fa1-1cda0ee569b3
x-amzn-trace-id: Root=1-66d30127-0eab116051bf0f5e63a6e4ee
allow: GET, OPTIONS, POST
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dX0ePEepoAMEtCg=
content-length: 131
access-control-allow-headers: *

OPTIONS
H2 200 updateUserPath
id-persistence.deel.c1.statefarm/ Frame 0
0 648ms
139ms Preflight
application/json 107.20.68.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id-persistence.deel.c1.statefarm/updateUserPath
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.20.68.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-68-222.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wittagency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 31 Aug 2024 11:40:23 GMT
x-amz-apigw-id: dX0eOELLIAMENrg=
x-amzn-requestid: d6608d9f-f59f-44c6-b624-f564fad89249
x-amzn-trace-id: Root=1-66d30127-2090cee450ae60ed5ff9fad5

POST
H2 200 p
tr.snapchat.com/ 0
238 B 282ms
132ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://wittagency.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 327 B
674 B 531ms
138ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1725104423095&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4093834129888151
content-length: 187
pin-unauth: dWlkPU9EUmtNRFV5TURndFpXRTNNeTAwWVRKbExUbGxNamt0T1dSa05qazRPVFJqT0RRNQ
pragma: no-cache
referrer-policy: origin
x-pinterest-rid-128bit: 942cdb71e2e5b5ad38d03873795a89aa
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wittagency.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 93d6a1d867f8b0734f174cc8ed92086bf0be681a
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
210 B 529ms
139ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwittagency.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1725104423097
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 11:40:23 GMT
referrer-policy: origin
x-cdn: fastly
x-pinterest-rid-128bit: 67f13d1664f9bd227b07ed607ea8c5b8
content-type: image/gif
access-control-allow-origin: https://wittagency.com
pinterest-version: 93d6a1d867f8b0734f174cc8ed92086bf0be681a
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8865315390199743
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s19264396486823
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
324 B 137ms
136ms Image
image/gif 63.140.38.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s19264396486823?AQB=1&ndh=1&pf=1&t=31%2F7%2F2024%201%3A40%3A23%206%20600&D=..&mid=83048048649362828192733532915073652705&aamlh=7&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-s%3Acgxnb3bt000&g=https%3A%2F%2Fwittagency.com%2F&ch=sf%3Aus%3Aagent-micro-s&server=wittagency.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-s%3Acgxnb3bt000&h1=home%7Cagent-micro-s%7Ccgxnb3bt000&c4=sf%3Aagent-micro-s%3Acgxnb3bt000&v6=wittagency.com&v8=033dd0&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fwittagency.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=saturday%7C6%3A30am&v50=8%2F31%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F128.0.0.0%20safari%2F537.36&c70=en&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.138 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-138.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 01 Sep 2024 11:40:23 GMT
server: jag
etag: 3704633541285117952-4618594151499145748
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 30 Aug 2024 11:40:23 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
45 B 129ms
124ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 p
tr.snapchat.com/ 0
44 B 126ms
123ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 31 Aug 2024 11:40:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://wittagency.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET 1936962093151750
connect.facebook.net/signals/config/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 412ms
135ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fwittagency.com&rl=&if=false&ts=1725104425258&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.1.1725104425254.999671159335524787&pm=1&hrl=865746&ler=empty&cdl=API_unavailable&it=1725104422904&coo=false&cs_cc=1&ccs=1116103673136860&cas=1214633611919409%2C7774361879320453%2C7617600818324929%2C24929369213345389%2C7675131075842370%2C7425328607552657%2C7624177140967951%2C7670719459657551%2C7215761388545315%2C7044499848989369%2C7324820104275253%2C7238804569529676%2C7374958915955390%2C7252568091464087%2C7360650587360734%2C5230493466989894&rqm=GET

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=133, rtx=0, c=10, mss=1297, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 31 Aug 2024 11:40:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 540ms
263ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fwittagency.com&rl=&if=false&ts=1725104425258&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.1.1725104425254.999671159335524787&pm=1&hrl=865746&ler=empty&cdl=API_unavailable&it=1725104422904&coo=false&cs_cc=1&ccs=1116103673136860&cas=1214633611919409%2C7774361879320453%2C7617600818324929%2C24929369213345389%2C7675131075842370%2C7425328607552657%2C7624177140967951%2C7670719459657551%2C7215761388545315%2C7044499848989369%2C7324820104275253%2C7238804569529676%2C7374958915955390%2C7252568091464087%2C7360650587360734%2C5230493466989894&rqm=FGET

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wittagency.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Sat, 31 Aug 2024 11:40:25 GMT
document-policy: force-load-at-top
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409267089610560542", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=133, rtx=0, c=10, mss=1297, tbw=3140, tp=-1, tpl=-1, uplat=120, ullat=0
pragma: no-cache
x-fb-debug: XNX1462FVa4pvbRVTU5c9hdZJyK/dzGKa1Yj8jw+mzFdTyYOg02ew9hIr0oveR+vZTBD7r5JBRbJ6FOqX4/5Og==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409267089610560542"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409267089610560542"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 66 B
310 B 133ms
130ms Fetch
application/json 104.198.70.133

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: wittagency.com
URL: https://wittagency.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

039b564eceffc3e229f341862df77c5ea017a706c73e0063078380d5d4f3b36e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wittagency.com/
keen-sdk: javascript-5.0.1
Authorization: WK
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 31 Aug 2024 11:40:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wittagency.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 66

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 591ms
133ms Preflight 104.198.70.133

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://wittagency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://wittagency.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Sat, 31 Aug 2024 11:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1936962093151750?v=2.9.166&r=stable&domain=wittagency.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C159%2C191%2C193%2C119%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C142%2C169%2C155%2C115%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 23:13:10	Name: X-AB Value: 93c221459c0647b982672c23613011bf
wittagency.com/	1970-01-20 23:13:10	Name: __cheesecrd_version Value: master
.wittagency.com/	1970-01-21 01:21:20	Name: _gcl_au Value: 1.1.2052197206.1725104422
.wittagency.com/	1970-01-20 23:11:46	Name: s_gad Value: 1
.demdex.net/	1970-01-21 03:30:56	Name: demdex Value: 86908629466016156473329225000773246013
.wittagency.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.wittagency.com/	1970-01-21 08:47:44	Name: _ga_3WRNTYXP84 Value: GS1.1.1725104422.1.0.1725104422.60.0.0
.wittagency.com/	1970-01-21 08:47:44	Name: _ga Value: GA1.1.834328021.1725104423
.wittagency.com/	1970-01-21 08:41:31	Name: _scid Value: 1b9aeb97-1b4b-4dae-82d1-0b188cfc77f9
.wittagency.com/	1970-01-21 08:41:31	Name: _scid_r Value: 1b9aeb97-1b4b-4dae-82d1-0b188cfc77f9
.statefarm.com/	1970-01-21 08:47:44	Name: s_ecid Value: MCMID%7C83048048649362828192733532915073652705
.wittagency.com/	1970-01-20 23:11:46	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-s%3Acgxnb3bt000
.wittagency.com/	1970-01-20 23:11:46	Name: s_pre_v6 Value: wittagency.com
.wittagency.com/	1970-01-20 23:11:46	Name: s_dl Value: 1
.wittagency.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.wittagency.com/	1970-01-21 08:47:44	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271725104423118%27%5D%5D
.wittagency.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fwittagency.com%2F%7Caowsv%3D033DD0%7CentryProperty%3Dhttps%3A%2F%2Fwittagency.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-s%7Cs_prev_ch%3Dagent-micro-s%7Cs_prev_pn%3Dcgxnb3bt000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-s%3Acgxnb3bt000%7Cmc%3Ddirect%20load%7C
.wittagency.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 23:11:45	Name: test_cookie Value: CheckForPermission
.dpm.demdex.net/	1970-01-21 03:30:56	Name: dpm Value: 86908629466016156473329225000773246013
.demdex.net/	1970-01-21 03:30:56	Name: dextp Value: 771-1-1725104423088\|903-1-1725104423190\|30646-1-1725104423290\|66757-1-1725104423392
.wittagency.com/	1970-01-21 08:47:44	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19967%7CMCMID%7C83048048649362828192733532915073652705%7CMCAAMLH-1725709222%7C7%7CMCAAMB-1725709222%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1725111623s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19974%7CvVersion%7C5.5.0
.wittagency.com/	1970-01-20 23:21:49	Name: _ScCbts Value: %5B%5D
.adsrvr.org/	1970-01-21 07:57:20	Name: TDID Value: a1f4b9bf-da0c-43c1-b581-d84b665c8431
.pinterest.com/	1970-01-21 07:57:20	Name: ar_debug Value: 1
.wittagency.com/	1970-01-21 07:57:20	Name: _pin_unauth Value: dWlkPU9EUmtNRFV5TURndFpXRTNNeTAwWVRKbExUbGxNamt0T1dSa05qazRPVFJqT0RRNQ
.adsrvr.org/	1970-01-21 07:57:20	Name: TDCPM Value: CAESEgoDYWFtEgsIwNKBvPfupD0QBRgFIAEoAjILCNiBu-eN76Q9EAU4AQ..
.yahoo.com/	1970-01-21 07:57:42	Name: A3 Value: d=AQABBCcB02YCEI_f4Uj7K5kykhMb5EwiRuUFEgEBAQFS1GbcZtwAAAAA_eMAAA&S=AQAAAg-MwZapqZNdVBsqF-Rtqdw
.analytics.yahoo.com/	1970-01-21 07:57:20	Name: IDSYNC Value: 19cu~2kfn
.tapad.com/	1970-01-21 00:38:08	Name: TapAd_TS Value: 1725104424145
.tapad.com/	1970-01-21 00:38:08	Name: TapAd_DID Value: 4cc29da8-18e7-440b-8b36-60a36055e929
.tapad.com/	1970-01-21 00:38:08	Name: TapAd_3WAY_SYNCS Value:
.snapchat.com/	1970-01-21 08:33:20	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3JwQ3AMAgDwImQDBghZ5sk7RYZPn32d9IVdjVCplwyesJm6rVsYa5v6unjxPCOcpDB8yMuxtDdZkAAAAA=
.wittagency.com/	1970-01-21 08:41:31	Name: _sctr Value: 1%7C1725098400000
.wittagency.com/	1970-01-21 01:21:20	Name: _fbp Value: fb.1.1725104425254.999671159335524787

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
apps.statefarm.com
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
id-persistence.deel.c1.statefarm
invocation.deel.c1.statefarm
js.adsrvr.org
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
s.pinimg.com
sc-static.net
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
stats.g.doubleclick.net
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
wittagency.com
www.facebook.com
www.googletagmanager.com
connect.facebook.net
104.198.70.133
107.20.68.222
108.138.114.112
117.18.238.236
151.101.0.84
157.240.241.1
18.164.96.41
18.238.55.18
2600:9000:211c:2c00:2:8f43:5780:93a1
2607:f8b0:4004:c06::9c
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::2008
2607:f8b0:4006:81e::200e
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:46::84
2a09:8280:1::42:4195
3.163.245.4
3.209.1.129
3.225.83.130
3.89.169.13
34.69.219.172
35.190.43.134
52.72.27.52
63.140.38.138
039b564eceffc3e229f341862df77c5ea017a706c73e0063078380d5d4f3b36e
0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3
134dccc183c867c9172435976c18a5e1bde4fbadf959f579a0e60a256c19c460
139003a0cda76e6576be534832e4aa70774e96e1e580f0b66ac887a4af9d4b28
16aec2c54d798f4468cbdcbe5d0642a2d89f985b2ee760e6404f8395d1874355
1d8b1c96e2472f2246de6fe4384f0a167a50729e42ee25be105c8106a2c1f69e
21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc
24d1f50297518c68da2dda250ae2d9609a0fe5d993cd38a4690e3e0d4dc908d4
2702cb62856e100301afbc6570802216d95e5e4cdfdbacbec241a32b85db615b
2cf1e6f93358c44cb9f8987bb8f38b8e99a3df46eb129fb3567269f8e100aac0
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
380ed2fb6e837d7dd401c15393c16c7551837347bccc38e9f4ec32d2be7aca7a
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
533160fc8f62238d2dd70b44c6b93f7d6935320e2c38a5d236fb7b78ad148838
5431f6f439d48412324f309a5d781e4868566e1da065bccf66accbb1c3f6b054
5612e07185add6333ccf39345089eedafce9235ae2770f3e3c93e88805532780
583346f22e03b35484e0e51cbb7ebed3dc8f9a8d8731838aab81f036cbf8314d
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
70662baf71ae829be5ee24f6d3f3122def8c92a4509507bad0b6cd15d19cff55
71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
744af589540875e08eecefd9dd21525f8c2cf66f55a4319d1cda41c9a08f189a
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314
7d9b6ba4a6a863b4d132a498dd248d8391024d6ebe4289fffd6e5c53802c1094
80dd2630bfd1936a8cfb770d4facd9d91ad1e8efd619fcde6184e8292f91e467
83c8a648af0dfcaae915eb3899a1134f8acff24074870cce970eee7606b2294d
860897dc7fd9f3850a221f64bd3a4094cf19fd31404f4fc51be2905bb5c93544
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
93103eec9f82571aa47fdb528b7e43cc375395be4b7d115ffaf0f64818523492
941bbc38d3311f468419f4b657f029f0afc6b388f6b844ac81802fb42207c48c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acfab1e3846f4c81d1b41376854f82dcfbf36ac7becd0ea4ac4a623ba5149d0d
ae0f56da91944a1aba01b4c27a20b2a633b1d1159cbfea68d2b6b184abb35741
b2a29e9a39d734f4ca63c51ebb2e7925579f07a79f0c894032eab44c9db92eab
b5645a9b9f5070900f4377bb1d2331bdf16bf39150dcd6f7c09640d7c4268d1c
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
bd49ab8bc4518f81c7b6167fa99f3268f15ce18e668c37c417b933cd2cba9187
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c47d26ca41305e3938f70e11da546ad9de84881117d5e7e169204ed94e63886f
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
c6cb38fe14d51903fe068aa03d184c8cc41a177ef4c27a617c630ad62b65de36
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cbcbbda071d847d153bc97e27ce20dcd44474d42eb6fba33fa7077309a5b8872
cc19fb7cd5b8d7f99f95316e6e626bab61bb299c288f477f7f2288aff858fb69
d1a4eb8548fca8bfed01a4a14fa1be680ef6e874aefd8794918d2d537b8b1e88
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d7a857d393495b28f849d18c67cd7fb823b1e000a92d3050150128fdf1d0f9c5
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
dcdd091c84eaa333bf7f2cb40ca8ce467e23934c5d8a4fc569b9a397ac61c7b6
e0449cf6d59fbef7039a69cf238fc5f894e606b1276585cb4ad573d91e040ec9
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88680cf795f76c86b289724e27e4c25e501cf9801a27bd2cd23aa08027ef321
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

wittagency.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

33 %IPv6

18 Domains

26 Subdomains

24 IPs

1 Countries

1316 kBTransfer

3362 kBSize

35 Cookies

22 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wittagency.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

33 %
IPv6

18
Domains

26
Subdomains

24
IPs

1
Countries

1316 kB
Transfer

3362 kB
Size

35
Cookies

72 HTTP transactions
0 data transactions